From 2ea6196484055397cc4bc011c5960f790431fa9d Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 12 Mar 2012 16:34:20 -0400 Subject: i18n: Remove empty translations --- src/man/po/as.po | 6314 ------------------------------------------ src/man/po/bn.po | 6313 ------------------------------------------ src/man/po/bs.po | 6315 ------------------------------------------ src/man/po/ca.po | 6313 ------------------------------------------ src/man/po/cs.po | 921 +++++-- src/man/po/de.po | 6313 ------------------------------------------ src/man/po/el.po | 6313 ------------------------------------------ src/man/po/es.po | 2043 +++++++++----- src/man/po/et.po | 6314 ------------------------------------------ src/man/po/fa.po | 6314 ------------------------------------------ src/man/po/fi.po | 6314 ------------------------------------------ src/man/po/fr.po | 2549 ++++++++++------- src/man/po/hu.po | 6313 ------------------------------------------ src/man/po/id.po | 6313 ------------------------------------------ src/man/po/it.po | 6313 ------------------------------------------ src/man/po/ja.po | 3233 ++++++++++++++++------ src/man/po/ja_JP.po | 6313 ------------------------------------------ src/man/po/ko.po | 6313 ------------------------------------------ src/man/po/lt.po | 6315 ------------------------------------------ src/man/po/nb.po | 6313 ------------------------------------------ src/man/po/nl.po | 1118 +++++--- src/man/po/nn.po | 6313 ------------------------------------------ src/man/po/pl.po | 6316 ------------------------------------------ src/man/po/po4a.cfg | 2 +- src/man/po/pt.po | 1242 +++++---- src/man/po/pt_BR.po | 6313 ------------------------------------------ src/man/po/ru.po | 999 +++++-- src/man/po/sk.po | 6313 ------------------------------------------ src/man/po/sq.po | 6314 ------------------------------------------ src/man/po/sr.po | 6314 ------------------------------------------ src/man/po/sssd-docs.pot | 909 +++++-- src/man/po/ta.po | 6313 ------------------------------------------ src/man/po/tg.po | 6768 ++++++++++++++++++++++++++++++++++++++++++++++ src/man/po/tr.po | 6314 ------------------------------------------ src/man/po/uk.po | 1740 +++++++----- src/man/po/ur.po | 6313 ------------------------------------------ src/man/po/vi.po | 6314 ------------------------------------------ src/man/po/zh_CN.po | 6314 ------------------------------------------ src/man/po/zh_TW.po | 6313 ------------------------------------------ 39 files changed, 16776 insertions(+), 181528 deletions(-) delete mode 100644 src/man/po/as.po delete mode 100644 src/man/po/bn.po delete mode 100644 src/man/po/bs.po delete mode 100644 src/man/po/ca.po delete mode 100644 src/man/po/de.po delete mode 100644 src/man/po/el.po delete mode 100644 src/man/po/et.po delete mode 100644 src/man/po/fa.po delete mode 100644 src/man/po/fi.po delete mode 100644 src/man/po/hu.po delete mode 100644 src/man/po/id.po delete mode 100644 src/man/po/it.po delete mode 100644 src/man/po/ja_JP.po delete mode 100644 src/man/po/ko.po delete mode 100644 src/man/po/lt.po delete mode 100644 src/man/po/nb.po delete mode 100644 src/man/po/nn.po delete mode 100644 src/man/po/pl.po delete mode 100644 src/man/po/pt_BR.po delete mode 100644 src/man/po/sk.po delete mode 100644 src/man/po/sq.po delete mode 100644 src/man/po/sr.po delete mode 100644 src/man/po/ta.po create mode 100644 src/man/po/tg.po delete mode 100644 src/man/po/tr.po delete mode 100644 src/man/po/ur.po delete mode 100644 src/man/po/vi.po delete mode 100644 src/man/po/zh_CN.po delete mode 100644 src/man/po/zh_TW.po (limited to 'src') diff --git a/src/man/po/as.po b/src/man/po/as.po deleted file mode 100644 index 98a5bbd9b..000000000 --- a/src/man/po/as.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Assamese (http://www.transifex.net/projects/p/fedora/team/" -"as/)\n" -"Language: as\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/bn.po b/src/man/po/bn.po deleted file mode 100644 index 10228db7b..000000000 --- a/src/man/po/bn.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Bengali <info@ankur.org.bd>\n" -"Language: bn\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/bs.po b/src/man/po/bs.po deleted file mode 100644 index 83a6a72d1..000000000 --- a/src/man/po/bs.po +++ /dev/null @@ -1,6315 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Bosnian (http://www.transifex.net/projects/p/fedora/team/" -"bs/)\n" -"Language: bs\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" -"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/ca.po b/src/man/po/ca.po deleted file mode 100644 index 8a7e65d6a..000000000 --- a/src/man/po/ca.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Catalan <fedora@llistes.softcatala.org>\n" -"Language: ca\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/cs.po b/src/man/po/cs.po index b9e59e9ee..667902a49 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -8,10 +8,11 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2011-12-21 10:12+0000\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-08 11:52+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" -"Language-Team: Czech (http://www.transifex.net/projects/p/fedora/team/cs/)\n" +"Language-Team: Czech (http://www.transifex.net/projects/p/fedora/language/" +"cs/)\n" "Language: cs\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -23,7 +24,9 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Manuálové stránky SSSD" @@ -36,7 +39,8 @@ msgstr "" #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" msgstr "8" @@ -59,6 +63,8 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "POPIS" @@ -73,6 +79,8 @@ msgstr "" #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "VOLBY" @@ -106,12 +114,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" msgstr "VIZ TAKÉ" @@ -215,7 +224,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "" @@ -445,7 +454,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" msgstr "" @@ -461,7 +470,7 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 @@ -470,12 +479,32 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 -msgid "command (string)" +msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:273 msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 +msgid "command (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:290 +msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " "name for the service. In the vast majority of configurations, the default " @@ -483,45 +512,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -529,7 +558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -539,7 +568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -548,17 +577,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -566,17 +595,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -585,78 +614,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " @@ -664,138 +693,138 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -803,59 +832,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -863,7 +892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -872,17 +901,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -890,27 +919,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " @@ -918,7 +947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " @@ -927,71 +956,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 +#: sssd.conf.5.xml:645 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 +#: sssd.conf.5.xml:679 msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1000,56 +1029,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1059,14 +1088,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1075,98 +1104,98 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1175,47 +1204,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1224,19 +1253,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1244,7 +1273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1252,30 +1281,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1283,17 +1312,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1302,24 +1331,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1327,7 +1356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1335,7 +1364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1343,35 +1372,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1379,29 +1408,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1409,66 +1438,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1476,51 +1505,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -1528,29 +1557,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1558,19 +1587,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1578,73 +1607,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -1652,17 +1681,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -1671,17 +1700,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -1689,17 +1718,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -1707,18 +1736,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -1748,7 +1777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -1757,7 +1786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -3589,10 +3618,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1639 -#, fuzzy -#| msgid "OPTIONS" msgid "SUDO OPTIONS" -msgstr "VOLBY" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1644 @@ -3798,17 +3825,15 @@ msgstr "" #: sssd-ldap.5.xml:1815 msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1825 -#, fuzzy -#| msgid "OPTIONS" msgid "AUTOFS OPTIONS" -msgstr "VOLBY" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1827 @@ -5082,12 +5107,12 @@ msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -5234,7 +5259,8 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" @@ -6194,6 +6220,321 @@ msgid "" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" @@ -6332,3 +6673,113 @@ msgstr "<option>-h</option>,<option>--help</option>" #: include/param_help.xml:7 msgid "Display help message and exit." msgstr "Zobraz nápovědu a ukonči program." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/de.po b/src/man/po/de.po deleted file mode 100644 index 068446b8e..000000000 --- a/src/man/po/de.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: German <trans-de@lists.fedoraproject.org>\n" -"Language: de\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/el.po b/src/man/po/el.po deleted file mode 100644 index d6f0e45c3..000000000 --- a/src/man/po/el.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Greek <trans-el@lists.fedoraproject.org>\n" -"Language: el\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/es.po b/src/man/po/es.po index 8d9470d9d..852cff6f1 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -3,13 +3,16 @@ # This file is distributed under the same license as the sssd-docs package. # # Translators: +# Adolfo Jayme Barrientos <fitoschido@gmail.com>, 2012. +# Eduardo Villagrán <evillagr@fedoraproject.org>, 2011. +# Eduardo Villagrán M <gotencool@gmail.com>, 2011. # Héctor Daniel Cabrera <logan@fedoraproject.org>, 2011. msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2011-12-21 10:12+0000\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-08 11:52+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Spanish (Castilian) <trans-es@lists.fedoraproject.org>\n" "Language: es\n" @@ -23,7 +26,9 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Páginas de manual de SSSD" @@ -36,7 +41,8 @@ msgstr "sss_groupmod" #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" msgstr "8" @@ -62,6 +68,8 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "DESCRIPCION" @@ -78,6 +86,8 @@ msgstr "" #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "OPCIONES" @@ -120,12 +130,13 @@ msgstr "" "<replaceable>GROUPS</replaceable>" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" msgstr "VEA TAMBIEN" @@ -257,7 +268,7 @@ msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "Parámetros de sección" @@ -398,7 +409,7 @@ msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:162 msgid "try_inotify (boolean)" -msgstr "try_inotify (booleano)" +msgstr "try_inotify (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:165 @@ -446,7 +457,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:190 msgid "krb5_rcache_dir (string)" -msgstr "" +msgstr "krb5_rcache_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:193 @@ -495,64 +506,88 @@ msgid "" "section, for example, for NSS service, the section would be <quote>[nss]</" "quote>" msgstr "" +"Los ajustes que pueden ser utilizados para configurar diferentes servicios " +"se describe en esta sección. Ellos deben residir en la sección [<replaceable>" +"$NAME</replaceable>], por ejemplo, para el servicio NSS, la sección sería " +"<quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:225 msgid "General service configuration options" -msgstr "" +msgstr "Opciones de configuración de servicios generales" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:227 msgid "These options can be used to configure any service." -msgstr "" +msgstr "Estas opciones pueden usarse para configurar cualquier servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:231 msgid "debug_level (integer)" -msgstr "" +msgstr "debug_level (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:235 msgid "debug_timestamps (bool)" -msgstr "" +msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:238 msgid "Add a timestamp to the debug messages" -msgstr "" +msgstr "Agregar una marca de tiempo a los mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" -msgstr "" +msgstr "Predeterminado: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:246 msgid "debug_microseconds (bool)" -msgstr "" +msgstr "debug_microseconds (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:249 msgid "Add microseconds to the timestamp in debug messages" -msgstr "" +msgstr "Agregar microsegundos a la marca de tiempo en mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 msgid "Default: false" -msgstr "" +msgstr "Predeterminado: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 -msgid "command (string)" +msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:273 msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 +msgid "command (string)" +msgstr "command (cadena)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:290 +msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " "name for the service. In the vast majority of configurations, the default " @@ -560,45 +595,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" +msgstr "Predeterminado: <command>sssd_${service_name}</command>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" -msgstr "" +msgstr "Opciones de configuración de NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" +"Estas opciones pueden ser usadas para configurar el servicio Name Service " +"Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" -msgstr "" +msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" -msgstr "" +msgstr "Predeterminado: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" -msgstr "" +msgstr "entry_cache_nowait_percentage (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -606,7 +643,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -616,7 +653,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -625,17 +662,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" -msgstr "" +msgstr "Predeterminado: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" -msgstr "" +msgstr "entry_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -643,17 +680,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" -msgstr "" +msgstr "Predeterminado: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" -msgstr "" +msgstr "filter_users, filter_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -662,78 +699,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" -msgstr "" +msgstr "Predeterminado: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" -msgstr "" +msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" -msgstr "" +msgstr "override_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" -msgstr "" +msgstr "número UID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" -msgstr "" +msgstr "%d" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" -msgstr "" +msgstr "nombre de dominio" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" -msgstr "" +msgstr "%f" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" -msgstr "" +msgstr "%%" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " @@ -741,138 +778,140 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" -msgstr "" +msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" -msgstr "" +msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" -msgstr "" +msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" -msgstr "" +msgstr "Predeterminado: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" -msgstr "" +msgstr "Opciones de configuración PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" +"Estas opciones pueden ser usadas para configurar el servicio Pluggable " +"Authentication Module (PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" -msgstr "" +msgstr "offline_credentials_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" -msgstr "" +msgstr "Predeterminado: 0 (Sin límite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" -msgstr "" +msgstr "offline_failed_login_attempts (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" -msgstr "" +msgstr "offline_failed_login_delay (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -880,59 +919,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" -msgstr "" +msgstr "Predeterminado: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" -msgstr "" +msgstr "pam_verbosity (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" -msgstr "" +msgstr "Actualmente sssd soporta los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" +msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" +msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" +msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" +"<emphasis>3</emphasis>: mostrar todos los mensajes e información de " +"depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" -msgstr "" +msgstr "Predeterminado: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" -msgstr "" +msgstr "pam_id_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -940,7 +981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -949,17 +990,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" -msgstr "" +msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." -msgstr "" +msgstr "Mostrar una advertencia N días antes que la contraseña caduque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -967,27 +1008,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" -msgstr "" +msgstr "Predeterminado: 7" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " @@ -995,7 +1036,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " @@ -1004,75 +1045,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:645 msgid "Default: 180" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -#, fuzzy -#| msgid "reconnection_retries (integer)" +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" -msgstr "reconnection_retries (entero)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 +#: sssd.conf.5.xml:679 msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" -msgstr "" +msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" -msgstr "" +msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" +"Límites de UID y GID para el dominio. Si un dominio contiene una entrada que " +"está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1081,56 +1120,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" +msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" -msgstr "" +msgstr "timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" -msgstr "" +msgstr "Predeterminado: 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" -msgstr "" +msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" -msgstr "" +msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1140,14 +1179,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1156,98 +1195,102 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" -msgstr "" +msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" +"Cuántos segundos debe considerar nss_sss como válidas las entradas antes de " +"volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" -msgstr "" +msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" +"Las credenciales de usuario son almacenadas en un hash SHA512, no en texto " +"plano" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" -msgstr "" +msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1256,47 +1299,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" -msgstr "" +msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" -msgstr "" +msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" -msgstr "" +msgstr "Backends soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1305,19 +1348,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" -msgstr "" +msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" +"El proveedor de autenticación usado por el dominio. Los proveedores de " +"autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1325,7 +1370,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1333,30 +1378,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" -msgstr "" +msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1364,17 +1409,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." -msgstr "" +msgstr "<quote>permit</quote> siempre permitir el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." -msgstr "" +msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1383,24 +1428,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" -msgstr "" +msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" -msgstr "" +msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1408,51 +1453,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> para cambiar una contraseña almacenada en un servidor " +"LDAP. Vea <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> para más información sobre " +"configurar LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" +"<quote>krb5</quote> para cambiar una contraseña Kerberos. Vea <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" +"<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1460,31 +1513,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -#, fuzzy -#| msgid "re_expression (string)" +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" -msgstr "re_expression (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1492,66 +1543,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" -msgstr "" +msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" -msgstr "" +msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" +msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" +msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" +msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" +msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" -msgstr "" +msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" -msgstr "" +msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1559,51 +1610,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" -msgstr "" +msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" msgstr "" +"Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" -msgstr "" +msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" -msgstr "" +msgstr "case_sensitive (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" -msgstr "" +msgstr "Predeterminado: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -1611,29 +1663,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" -msgstr "" +msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" -msgstr "" +msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1641,130 +1693,147 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" +"Opciones válidas para dominios proxy. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" -msgstr "" +msgstr "La sección de dominio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " "<replaceable>id_provider=local</replaceable>." msgstr "" +"Esta sección contiene la configuración para dominio que almacena los " +"usuarios y grupos en la base de datos SSSD nativa, es decir, un dominio que " +"utiliza <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" -msgstr "" +msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" +"El shell predeterminado para los usuarios creados con herramientas de " +"espacio de usuario SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" -msgstr "" +msgstr "Predeterminado: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" -msgstr "" +msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" +"Las herramientas anexan el nombre de inicio de sesión para " +"<replaceable>base_directory</replaceable> y utilizan éste como el directorio " +"de inicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" -msgstr "" +msgstr "Predeterminado: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" -msgstr "" +msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" -msgstr "" +msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" -msgstr "" +msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" -msgstr "" +msgstr "homedir_umask (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " "on a newly created home directory." msgstr "" +"Utilizado por <citerefentry><refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> para especificar los permisos " +"predeterminados en un directorio de inicio recién creado." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" -msgstr "" +msgstr "Predeterminado: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" -msgstr "" +msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" +"El directorio esqueleto, el cual contiene archivos y directorios a copiarse " +"en el directorio principal del usuario, cuando se crea el directorio " +"principal de <citerefentry><refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" -msgstr "" +msgstr "Predeterminado: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" -msgstr "" +msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -1772,17 +1841,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" -msgstr "" +msgstr "Predeterminado: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" -msgstr "" +msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -1790,18 +1859,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" -msgstr "" +msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" -msgstr "" +msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -1829,9 +1898,33 @@ msgid "" "max_id = 20000\n" "enumerate = False\n" msgstr "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -1840,7 +1933,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -1857,11 +1950,25 @@ msgid "" "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 msgid "sssd-ldap" -msgstr "" +msgstr "sssd-ldap" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:23 @@ -1876,7 +1983,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:35 msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" +msgstr "Puede configurar SSSD para usar más de un dominio LDAP." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:38 @@ -1894,12 +2001,12 @@ msgstr "" #: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" -msgstr "" +msgstr "OPCIONES DE CONFIGURACIÓN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 msgid "ldap_uri (string)" -msgstr "" +msgstr "ldap_uri (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:63 @@ -1915,27 +2022,29 @@ msgstr "" #: sssd-ldap.5.xml:70 msgid "The format of the URI must match the format defined in RFC 2732:" msgstr "" +"El formato de la URI debe coincidir con el formato definido en RFC 2732:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:73 msgid "ldap[s]://<host>[:port]" -msgstr "" +msgstr "ldap[s]://<host>[:port]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:76 msgid "" "For explicit IPv6 addresses, <host> must be enclosed in brackets []" msgstr "" +"Para direcciones IPv6 explícitas, <host> debe estar entre corchetes []" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:79 msgid "example: ldap://[fc00::126:25]:389" -msgstr "" +msgstr "ejemplo: ldap://[fc00::126:25]:389" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:85 msgid "ldap_chpass_uri (string)" -msgstr "" +msgstr "ldap_chpass_uri (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:88 @@ -1950,6 +2059,8 @@ msgstr "" #: sssd-ldap.5.xml:95 msgid "To enable service discovery ldap_chpass_dns_service_name must be set." msgstr "" +"Para habilitar el servicio descubrimiento ldap_chpass_dns_service_name debe " +"ser establecido." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:99 @@ -1959,12 +2070,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:105 msgid "ldap_search_base (string)" -msgstr "" +msgstr "ldap_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:108 msgid "The default base DN to use for performing LDAP user operations." msgstr "" +"El DN base por defecto que se usará para realizar operaciones LDAP de " +"usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:112 @@ -1976,7 +2089,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:116 msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" +msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:119 @@ -1993,7 +2106,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:126 msgid "Examples:" -msgstr "" +msgstr "Ejemplos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:129 @@ -2032,7 +2145,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:158 msgid "ldap_schema (string)" -msgstr "" +msgstr "ldap_schema (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:161 @@ -2051,12 +2164,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:180 msgid "Default: rfc2307" -msgstr "" +msgstr "Predeterminado: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:186 msgid "ldap_default_bind_dn (string)" -msgstr "" +msgstr "ldap_default_bind_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:189 @@ -2066,7 +2179,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:196 msgid "ldap_default_authtok_type (string)" -msgstr "" +msgstr "ldap_default_authtok_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:199 @@ -2076,17 +2189,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:203 msgid "The two mechanisms currently supported are:" -msgstr "" +msgstr "Los dos mecanismos actualmente soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:206 msgid "password" -msgstr "" +msgstr "contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:209 msgid "obfuscated_password" -msgstr "" +msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 @@ -2096,7 +2209,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:218 msgid "ldap_default_authtok (string)" -msgstr "" +msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:221 @@ -2108,127 +2221,132 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:228 msgid "ldap_user_object_class (string)" -msgstr "" +msgstr "ldap_user_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:231 msgid "The object class of a user entry in LDAP." -msgstr "" +msgstr "La clase de objeto de una entrada de usuario en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:234 msgid "Default: posixAccount" -msgstr "" +msgstr "Predeterminado: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:240 msgid "ldap_user_name (string)" -msgstr "" +msgstr "ldap_user_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:243 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" +"El atributo LDAP que corresponde al nombre de inicio de sesión del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:247 msgid "Default: uid" -msgstr "" +msgstr "Predeterminado: uid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:253 msgid "ldap_user_uid_number (string)" -msgstr "" +msgstr "ldap_user_uid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:256 msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" +msgstr "El atributo LDAP que corresponde al id de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:260 msgid "Default: uidNumber" -msgstr "" +msgstr "Predeterminado: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:266 msgid "ldap_user_gid_number (string)" -msgstr "" +msgstr "ldap_user_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:269 msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" +msgstr "El atributo LDAP que corresponde al id del grupo primario del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 msgid "Default: gidNumber" -msgstr "" +msgstr "Predeterminado: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:279 msgid "ldap_user_gecos (string)" -msgstr "" +msgstr "ldap_user_gecos (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:282 msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" +msgstr "El atributo LDAP que corresponde al campo de gecos del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:286 msgid "Default: gecos" -msgstr "" +msgstr "Predeterminado: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:292 msgid "ldap_user_home_directory (string)" -msgstr "" +msgstr "ldap_user_home_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:295 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" +"El atributo LDAP que contiene el nombre del directorio principal del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:299 msgid "Default: homeDirectory" -msgstr "" +msgstr "Predeterminado: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:305 msgid "ldap_user_shell (string)" -msgstr "" +msgstr "ldap_user_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:308 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" +"El atributo LDAP que contiene la ruta de acceso a la shell predeterminada " +"del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:312 msgid "Default: loginShell" -msgstr "" +msgstr "Predeterminado: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:318 msgid "ldap_user_uuid (string)" -msgstr "" +msgstr "ldap_user_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:321 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" +"El atributo LDAP que contiene el GUID/UUID de un objeto de usuario LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 msgid "Default: nsUniqueId" -msgstr "" +msgstr "Predeterminado: nsUniqueId" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:331 msgid "ldap_user_modify_timestamp (string)" -msgstr "" +msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 @@ -2236,16 +2354,18 @@ msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" +"El atributo LDAP que contiene la fecha y hora de la última modificación del " +"objeto primario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 msgid "Default: modifyTimestamp" -msgstr "" +msgstr "Predeterminado: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:344 msgid "ldap_user_shadow_last_change (string)" -msgstr "" +msgstr "ldap_user_shadow_last_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:347 @@ -2259,12 +2379,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:357 msgid "Default: shadowLastChange" -msgstr "" +msgstr "Predeterminado: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:363 msgid "ldap_user_shadow_min (string)" -msgstr "" +msgstr "ldap_user_shadow_min (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:366 @@ -2278,12 +2398,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:375 msgid "Default: shadowMin" -msgstr "" +msgstr "Predeterminado: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:381 msgid "ldap_user_shadow_max (string)" -msgstr "" +msgstr "ldap_user_shadow_max (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:384 @@ -2297,12 +2417,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:393 msgid "Default: shadowMax" -msgstr "" +msgstr "Predeterminado: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:399 msgid "ldap_user_shadow_warning (string)" -msgstr "" +msgstr "ldap_user_shadow_warning (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:402 @@ -2316,12 +2436,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:412 msgid "Default: shadowWarning" -msgstr "" +msgstr "Predeterminado: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:418 msgid "ldap_user_shadow_inactive (string)" -msgstr "" +msgstr "ldap_user_shadow_inactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:421 @@ -2335,12 +2455,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:431 msgid "Default: shadowInactive" -msgstr "" +msgstr "Predeterminado: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_expire (string)" -msgstr "" +msgstr "ldap_user_shadow_expire (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:440 @@ -2354,12 +2474,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:450 msgid "Default: shadowExpire" -msgstr "" +msgstr "Predeterminado: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:456 msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" +msgstr "ldap_user_krb_last_pwd_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:459 @@ -2372,12 +2492,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:465 msgid "Default: krbLastPwdChange" -msgstr "" +msgstr "Predeterminado: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:471 msgid "ldap_user_krb_password_expiration (string)" -msgstr "" +msgstr "ldap_user_krb_password_expiration (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:474 @@ -2389,12 +2509,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:480 msgid "Default: krbPasswordExpiration" -msgstr "" +msgstr "Predeterminado: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:486 msgid "ldap_user_ad_account_expires (string)" -msgstr "" +msgstr "ldap_user_ad_account_expires (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:489 @@ -2406,12 +2526,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:494 msgid "Default: accountExpires" -msgstr "" +msgstr "Predeterminado: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:500 msgid "ldap_user_ad_user_account_control (string)" -msgstr "" +msgstr "ldap_user_ad_user_account_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:503 @@ -2423,12 +2543,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:508 msgid "Default: userAccountControl" -msgstr "" +msgstr "Predeterminado: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:514 msgid "ldap_ns_account_lock (string)" -msgstr "" +msgstr "ldap_ns_account_lock (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:517 @@ -2440,12 +2560,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:522 msgid "Default: nsAccountLock" -msgstr "" +msgstr "Predeterminado: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:528 msgid "ldap_user_nds_login_disabled (string)" -msgstr "" +msgstr "ldap_user_nds_login_disabled (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:531 @@ -2457,12 +2577,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 msgid "Default: loginDisabled" -msgstr "" +msgstr "Predeterminado: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:541 msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" +msgstr "ldap_user_nds_login_expiration_time (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:544 @@ -2474,7 +2594,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:555 msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" +msgstr "ldap_user_nds_login_allowed_time_map (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:558 @@ -2486,12 +2606,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:563 msgid "Default: loginAllowedTimeMap" -msgstr "" +msgstr "Predeterminado: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:569 msgid "ldap_user_principal (string)" -msgstr "" +msgstr "ldap_user_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:572 @@ -2503,7 +2623,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:576 msgid "Default: krbPrincipalName" -msgstr "" +msgstr "Predeterminado: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:582 @@ -2518,7 +2638,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:592 msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" +msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:595 @@ -2532,7 +2652,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:608 msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" +msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:611 @@ -2544,14 +2664,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 msgid "Default: 300" -msgstr "" +msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:622 -#, fuzzy -#| msgid "reconnection_retries (integer)" msgid "ldap_purge_cache_timeout (integer)" -msgstr "reconnection_retries (entero)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:625 @@ -2565,33 +2683,35 @@ msgstr "" #: sssd-ldap.5.xml:631 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" +"Establecer esta opción en cero desactivará la operación de limpieza de la " +"caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:635 msgid "Default: 10800 (12 hours)" -msgstr "" +msgstr "Predeterminado: 10800 (12 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:641 msgid "ldap_user_fullname (string)" -msgstr "" +msgstr "ldap_user_fullname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:644 msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" +msgstr "El atributo LDAP que corresponde al nombre completo del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 #: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 #: sssd-ipa.5.xml:422 msgid "Default: cn" -msgstr "" +msgstr "Predeterminado: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:654 msgid "ldap_user_member_of (string)" -msgstr "" +msgstr "ldap_user_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:657 @@ -2601,12 +2721,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 msgid "Default: memberOf" -msgstr "" +msgstr "Predeterminado: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:667 msgid "ldap_user_authorized_service (string)" -msgstr "" +msgstr "ldap_user_authorized_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:670 @@ -2626,12 +2746,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:682 msgid "Default: authorizedService" -msgstr "" +msgstr "Predeterminado: iluminada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:688 msgid "ldap_user_authorized_host (string)" -msgstr "" +msgstr "ldap_user_authorized_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:691 @@ -2651,77 +2771,77 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:702 msgid "Default: host" -msgstr "" +msgstr "Default: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:708 msgid "ldap_group_object_class (string)" -msgstr "" +msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:711 msgid "The object class of a group entry in LDAP." -msgstr "" +msgstr "La clase de objeto de una entrada de grupo LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:714 msgid "Default: posixGroup" -msgstr "" +msgstr "Por defecto: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:720 msgid "ldap_group_name (string)" -msgstr "" +msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:723 msgid "The LDAP attribute that corresponds to the group name." -msgstr "" +msgstr "El atributo LDAP que corresponde al nombre de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:733 msgid "ldap_group_gid_number (string)" -msgstr "" +msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:736 msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" +msgstr "El atributo LDAP que corresponde al id del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:746 msgid "ldap_group_member (string)" -msgstr "" +msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:749 msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" +msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:753 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" +msgstr "Valor predeterminado: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:759 msgid "ldap_group_uuid (string)" -msgstr "" +msgstr "ldap_group_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:762 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" +msgstr "El atributo LDAP que contiene el UUID/GUID de un objeto de grupo LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:772 msgid "ldap_group_modify_timestamp (string)" -msgstr "" +msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:785 msgid "ldap_group_nesting_level (integer)" -msgstr "" +msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:788 @@ -2734,17 +2854,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:795 msgid "Default: 2" -msgstr "" +msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:801 msgid "ldap_netgroup_object_class (string)" -msgstr "" +msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:804 msgid "The object class of a netgroup entry in LDAP." -msgstr "" +msgstr "La clase de objeto de una entrada netgroup en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:807 @@ -2754,17 +2874,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:811 msgid "Default: nisNetgroup" -msgstr "" +msgstr "Predeterminado: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:817 msgid "ldap_netgroup_name (string)" -msgstr "" +msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:820 msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" +msgstr "El atributo LDAP que corresponde al nombre del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:824 @@ -2774,7 +2894,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:834 msgid "ldap_netgroup_member (string)" -msgstr "" +msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:837 @@ -2789,12 +2909,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:845 msgid "Default: memberNisNetgroup" -msgstr "" +msgstr "Predeterminado: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:851 msgid "ldap_netgroup_triple (string)" -msgstr "" +msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:854 @@ -2810,12 +2930,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:861 msgid "Default: nisNetgroupTriple" -msgstr "" +msgstr "Predeterminado: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:867 msgid "ldap_netgroup_uuid (string)" -msgstr "" +msgstr "ldap_netgroup_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:870 @@ -2831,7 +2951,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:884 msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" +msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:900 @@ -2845,10 +2965,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 -#, fuzzy -#| msgid "Default: 3" msgid "Default: ipService" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:912 @@ -2864,10 +2982,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:925 -#, fuzzy -#| msgid "full_name_format (string)" msgid "ldap_service_port (string)" -msgstr "full_name_format (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:928 @@ -2881,10 +2997,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:938 -#, fuzzy -#| msgid "re_expression (string)" msgid "ldap_service_proto (string)" -msgstr "re_expression (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:941 @@ -2921,12 +3035,12 @@ msgstr "" #: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 #: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" +msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:970 msgid "ldap_search_timeout (integer)" -msgstr "" +msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:973 @@ -2947,12 +3061,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 msgid "Default: 6" -msgstr "" +msgstr "Predeterminado: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:991 msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" +msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:994 @@ -2965,12 +3079,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1001 msgid "Default: 60" -msgstr "" +msgstr "Predeterminado: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1007 msgid "ldap_network_timeout (integer)" -msgstr "" +msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1010 @@ -2986,7 +3100,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1033 msgid "ldap_opt_timeout (integer)" -msgstr "" +msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1036 @@ -2999,7 +3113,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1048 msgid "ldap_connection_expire_timeout (integer)" -msgstr "" +msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1051 @@ -3013,12 +3127,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1059 msgid "Default: 900 (15 minutes)" -msgstr "" +msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1065 msgid "ldap_page_size (integer)" -msgstr "" +msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1068 @@ -3030,7 +3144,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1073 msgid "Default: 1000" -msgstr "" +msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1079 @@ -3063,7 +3177,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1103 msgid "ldap_deref_threshold (integer)" -msgstr "" +msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1106 @@ -3099,7 +3213,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1137 msgid "ldap_tls_reqcert (string)" -msgstr "" +msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1140 @@ -3142,17 +3256,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1169 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" +msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1173 msgid "Default: hard" -msgstr "" +msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1179 msgid "ldap_tls_cacert (string)" -msgstr "" +msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1182 @@ -3171,7 +3285,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1194 msgid "ldap_tls_cacertdir (string)" -msgstr "" +msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1197 @@ -3185,7 +3299,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1212 msgid "ldap_tls_cert (string)" -msgstr "" +msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1215 @@ -3196,22 +3310,22 @@ msgstr "" #: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 #: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 msgid "Default: not set" -msgstr "" +msgstr "Predeterminado: no definido" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1225 msgid "ldap_tls_key (string)" -msgstr "" +msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1228 msgid "Specifies the file that contains the client's key." -msgstr "" +msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1237 msgid "ldap_tls_cipher_suite (string)" -msgstr "" +msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1240 @@ -3236,7 +3350,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1266 msgid "ldap_sasl_mech (string)" -msgstr "" +msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1269 @@ -3244,16 +3358,18 @@ msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" +"Especifica el mecanismo SASL a emplear. Actualmente sólo GSSAPI está " +"probado y soportado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 msgid "Default: none" -msgstr "" +msgstr "Predeterminado: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1279 msgid "ldap_sasl_authid (string)" -msgstr "" +msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1282 @@ -3265,12 +3381,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1287 msgid "Default: host/machine.fqdn@REALM" -msgstr "" +msgstr "Predeterminado: host/machine.fqdn@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1293 msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" +msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1296 @@ -3282,12 +3398,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1301 msgid "Default: false;" -msgstr "" +msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1307 msgid "ldap_krb5_keytab (string)" -msgstr "" +msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1310 @@ -3315,7 +3431,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1334 msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" +msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1337 @@ -3325,12 +3441,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1341 msgid "Default: 86400 (24 hours)" -msgstr "" +msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 msgid "krb5_server (string)" -msgstr "" +msgstr "krb5_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 @@ -3363,7 +3479,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" -msgstr "" +msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1379 @@ -3374,11 +3490,13 @@ msgstr "" #: sssd-ldap.5.xml:1382 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" +"Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" +"filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 msgid "krb5_canonicalize (boolean)" -msgstr "" +msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1391 @@ -3390,7 +3508,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1403 msgid "ldap_pwd_policy (string)" -msgstr "" +msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1406 @@ -3398,6 +3516,8 @@ msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" +"Seleccione la política para evaluar la caducidad de la contraseña en el lado " +"del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1411 @@ -3408,19 +3528,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1416 -#, fuzzy -#| msgid "" -#| "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -#| "manvolnum> </citerefentry>-compatible format that describes how to " -#| "translate a (name, domain) tuple into a fully qualified name." msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" -"Un formato compatible con <citerefentry> <refentrytitle>printf</" -"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> que describe cómo " -"traducir una tupla (nombre, dominio), a un nombre totalmente calificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1422 @@ -3433,7 +3545,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1434 msgid "ldap_referrals (boolean)" -msgstr "" +msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1437 @@ -3450,22 +3562,24 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1452 msgid "ldap_dns_service_name (string)" -msgstr "" +msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1455 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" +"Especifica el nombre del servicio para utilizar cuando está habilitado el " +"servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1459 msgid "Default: ldap" -msgstr "" +msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1465 msgid "ldap_chpass_dns_service_name (string)" -msgstr "" +msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1468 @@ -3473,6 +3587,9 @@ msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" +"Especifica el nombre del servicio para utilizar al buscar un servidor LDAP " +"que permita cambios de contraseña cuando está habilitado el servicio de " +"descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1473 @@ -3482,7 +3599,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1479 msgid "ldap_access_filter (string)" -msgstr "" +msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1482 @@ -3497,7 +3614,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 msgid "Example:" -msgstr "" +msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #: sssd-ldap.5.xml:1495 @@ -3507,6 +3624,9 @@ msgid "" "ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" " " msgstr "" +"access_provider = ldap\n" +"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1499 @@ -3527,12 +3647,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 msgid "Default: Empty" -msgstr "" +msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1518 msgid "ldap_account_expire_policy (string)" -msgstr "" +msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1521 @@ -3552,7 +3672,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1532 msgid "The following values are allowed:" -msgstr "" +msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1535 @@ -3590,22 +3710,24 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1568 msgid "ldap_access_order (string)" -msgstr "" +msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1571 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" +"Lista separada por coma de opciones de control de acceso. Los valores " +"permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1575 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" +msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1578 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" +msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1582 @@ -3613,6 +3735,8 @@ msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" +"<emphasis>authorized_service</emphasis>: utilizar el atributo " +"autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1587 @@ -3622,7 +3746,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1591 msgid "Default: filter" -msgstr "" +msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1594 @@ -3630,11 +3754,13 @@ msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" +"Tenga en cuenta que es un error de configuración si un valor es usado más de " +"una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1601 msgid "ldap_deref (string)" -msgstr "" +msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1604 @@ -3688,10 +3814,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1639 -#, fuzzy -#| msgid "OPTIONS" msgid "SUDO OPTIONS" -msgstr "OPCIONES" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1644 @@ -3705,17 +3829,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1650 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sudoRole" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1656 -#, fuzzy -#| msgid "full_name_format (string)" msgid "ldap_sudorule_name (string)" -msgstr "full_name_format (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1659 @@ -3734,10 +3854,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1676 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sudoCommand" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1682 @@ -3753,10 +3871,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sudoHost" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1696 @@ -3772,17 +3888,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1703 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sudoUser" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1709 -#, fuzzy -#| msgid "re_expression (string)" msgid "ldap_sudorule_option (string)" -msgstr "re_expression (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1712 @@ -3791,10 +3903,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sudoOption" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1722 @@ -3876,10 +3986,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1782 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sudoOrder" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1788 @@ -3913,17 +4021,15 @@ msgstr "" #: sssd-ldap.5.xml:1815 msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1825 -#, fuzzy -#| msgid "OPTIONS" msgid "AUTOFS OPTIONS" -msgstr "OPCIONES" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1827 @@ -3959,10 +4065,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 -#, fuzzy -#| msgid "Default: 3" msgid "Default: ou" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1860 @@ -4003,12 +4107,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1904 msgid "ADVANCED OPTIONS" -msgstr "" +msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1911 msgid "ldap_netgroup_search_base (string)" -msgstr "" +msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1914 @@ -4019,7 +4123,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1930 msgid "ldap_user_search_base (string)" -msgstr "" +msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1933 @@ -4029,7 +4133,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1949 msgid "ldap_group_search_base (string)" -msgstr "" +msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1952 @@ -4039,7 +4143,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1968 msgid "ldap_user_search_filter (string)" -msgstr "" +msgstr "ldap_user_search_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1971 @@ -4062,6 +4166,8 @@ msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" " " msgstr "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1988 @@ -4073,7 +4179,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1995 msgid "ldap_group_search_filter (string)" -msgstr "" +msgstr "ldap_group_search_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1998 @@ -4140,17 +4246,25 @@ msgid "" " cache_credentials = true\n" " enumerate = true\n" msgstr "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mydomain.org\n" +" ldap_search_base = dc=mydomain,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 #: sssd-krb5.5.xml:441 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" -msgstr "" +msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2087 @@ -4169,6 +4283,10 @@ msgid "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <refentryinfo> #: pam_sss.8.xml:8 include/upstream.xml:2 @@ -4176,16 +4294,18 @@ msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - http://" "fedorahosted.org/sssd</orgname>" msgstr "" +"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" +"fedorahosted.org/sssd</orgname>" #. type: Content of: <reference><refentry><refnamediv><refname> #: pam_sss.8.xml:13 pam_sss.8.xml:18 msgid "pam_sss" -msgstr "" +msgstr "pam_sss" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: pam_sss.8.xml:19 msgid "PAM module for SSSD" -msgstr "" +msgstr "Módulo PAM para SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:24 @@ -4197,6 +4317,12 @@ msgid "" "replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" "arg>" msgstr "" +"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" +"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" +"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:45 @@ -4209,7 +4335,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:55 msgid "<option>quiet</option>" -msgstr "" +msgstr "<option>quiet</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:58 @@ -4219,7 +4345,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:63 msgid "<option>forward_pass</option>" -msgstr "" +msgstr "<option>forward_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:66 @@ -4231,7 +4357,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:73 msgid "<option>use_first_pass</option>" -msgstr "" +msgstr "<option>use_first_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:76 @@ -4244,7 +4370,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:84 msgid "<option>use_authtok</option>" -msgstr "" +msgstr "<option>use_authtok</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:87 @@ -4256,7 +4382,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:94 msgid "<option>retry=N</option>" -msgstr "" +msgstr "<option>retry=N</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:97 @@ -4288,7 +4414,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:117 msgid "FILES" -msgstr "" +msgstr "ARCHIVOS" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:118 @@ -4324,11 +4450,13 @@ msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 msgid "sssd_krb5_locator_plugin" -msgstr "" +msgstr "sssd_krb5_locator_plugin" #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:22 @@ -4380,11 +4508,15 @@ msgid "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" -msgstr "" +msgstr "sssd-simple" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-simple.5.xml:17 @@ -4412,7 +4544,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:43 msgid "If all lists are empty, access is granted" -msgstr "" +msgstr "Si todas las listas están vacías, se concede acceso" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:47 @@ -4438,7 +4570,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:78 msgid "simple_allow_users (string)" -msgstr "" +msgstr "simple_allow_users (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:81 @@ -4448,7 +4580,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:88 msgid "simple_deny_users (string)" -msgstr "" +msgstr "simple_deny_users (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:91 @@ -4458,7 +4590,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:97 msgid "simple_allow_groups (string)" -msgstr "" +msgstr "simple_allow_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:100 @@ -4470,7 +4602,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:108 msgid "simple_deny_groups (string)" -msgstr "" +msgstr "simple_deny_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:111 @@ -4512,6 +4644,9 @@ msgid "" " access_provider = simple\n" " simple_allow_users = user1, user2\n" msgstr "" +" [domain/example.com]\n" +" access_provider = simple\n" +" simple_allow_users = user1, user2\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:145 @@ -4520,11 +4655,14 @@ msgid "" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 msgid "sssd-ipa" -msgstr "" +msgstr "sssd-ipa" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:23 @@ -4568,7 +4706,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:72 msgid "ipa_domain (string)" -msgstr "" +msgstr "ipa_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:75 @@ -4580,7 +4718,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:83 msgid "ipa_server (string)" -msgstr "" +msgstr "ipa_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:86 @@ -4595,7 +4733,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:99 msgid "ipa_hostname (string)" -msgstr "" +msgstr "ipa_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:102 @@ -4607,7 +4745,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:110 msgid "ipa_dyndns_update (boolean)" -msgstr "" +msgstr "ipa_dyndns_update (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:113 @@ -4626,7 +4764,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:129 msgid "ipa_dyndns_iface (string)" -msgstr "" +msgstr "ipa_dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:132 @@ -4638,12 +4776,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:137 msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" +msgstr "Predeterminado: Utilizar la dirección IP de la conexión IPA LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:143 msgid "ipa_hbac_search_base (string)" -msgstr "" +msgstr "ipa_hbac_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:146 @@ -4653,7 +4791,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:150 msgid "Default: Use base DN" -msgstr "" +msgstr "Predeterminado: Utilizar DN base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:156 @@ -4686,7 +4824,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 msgid "krb5_validate (boolean)" -msgstr "" +msgstr "krb5_validate (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 @@ -4727,7 +4865,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:247 msgid "ipa_hbac_refresh (integer)" -msgstr "" +msgstr "ipa_hbac_refresh (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:250 @@ -4740,12 +4878,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:257 msgid "Default: 5 (seconds)" -msgstr "" +msgstr "Predeterminado: 5 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:262 msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" +msgstr "ipa_hbac_treat_deny_as (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:265 @@ -4773,12 +4911,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:284 msgid "Default: DENY_ALL" -msgstr "" +msgstr "Predeterminado: DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:289 msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" +msgstr "ipa_hbac_support_srchost (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:292 @@ -4796,10 +4934,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:307 -#, fuzzy -#| msgid "re_expression (string)" msgid "ipa_automount_location (string)" -msgstr "re_expression (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:310 @@ -4814,7 +4950,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:319 msgid "ipa_netgroup_member_of (string)" -msgstr "" +msgstr "ipa_netgroup_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:322 @@ -4824,7 +4960,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:331 msgid "ipa_netgroup_member_user (string)" -msgstr "" +msgstr "ipa_netgroup_member_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:334 @@ -4836,12 +4972,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 msgid "Default: memberUser" -msgstr "" +msgstr "Predeterminado: memberUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:344 msgid "ipa_netgroup_member_host (string)" -msgstr "" +msgstr "ipa_netgroup_member_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:347 @@ -4853,12 +4989,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 msgid "Default: memberHost" -msgstr "" +msgstr "Predeterminado: memberHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:356 msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" +msgstr "ipa_netgroup_member_ext_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:359 @@ -4870,12 +5006,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:363 msgid "Default: externalHost" -msgstr "" +msgstr "Predeterminado: externalHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:368 msgid "ipa_netgroup_domain (string)" -msgstr "" +msgstr "ipa_netgroup_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:371 @@ -4885,12 +5021,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:375 msgid "Default: nisDomainName" -msgstr "" +msgstr "Predeterminado: nisDomainName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:381 msgid "ipa_host_object_class (string)" -msgstr "" +msgstr "ipa_host_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 @@ -4900,7 +5036,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 msgid "Default: ipaHost" -msgstr "" +msgstr "Predeterminado: ipaHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:392 @@ -4969,10 +5105,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:459 -#, fuzzy -#| msgid "Default: 3" msgid "Default: seeAlso" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:464 @@ -5048,10 +5182,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:519 -#, fuzzy -#| msgid "Default: 3" msgid "Default: ipaUniqueID" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:524 @@ -5085,6 +5217,10 @@ msgid "" " ipa_server = ipaserver.example.com\n" " ipa_hostname = myhost.example.com\n" msgstr "" +" [domain/example.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.example.com\n" +" ipa_hostname = myhost.example.com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:564 @@ -5096,16 +5232,22 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sssd</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.8.xml:10 sssd.8.xml:15 msgid "sssd" -msgstr "" +msgstr "sssd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.8.xml:16 msgid "System Security Services Daemon" -msgstr "" +msgstr "System Security Services Daemon" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sssd.8.xml:21 @@ -5113,6 +5255,8 @@ msgid "" "<command>sssd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" msgstr "" +"<command>sssd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:31 @@ -5132,47 +5276,53 @@ msgid "" "<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" "replaceable>" msgstr "" +"<option>-d</option>,<option>--debug-level</option> <replaceable>NIVEL</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:53 msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" +msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:57 msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" msgstr "" +"<emphasis>1</emphasis>: Agregar marca de tiempo a mensajes de depuración " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:60 msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" msgstr "" +"<emphasis>0</emphasis>: Desactiva marca de tiempo en mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:69 msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" +msgstr "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:73 msgid "" "<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" msgstr "" +"<emphasis>1</emphasis>: Agregar microsegundos a la marca de tiempo en " +"mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:76 msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" +msgstr "<emphasis>0</emphasis>: Desactiva microsegundos en marcas de tiempo" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:79 msgid "Default: 0" -msgstr "" +msgstr "Predeterminado: 0" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:85 msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" +msgstr "<option>-f</option>,<option>--debug-to-files</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:89 @@ -5185,30 +5335,30 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:97 msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" +msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:101 msgid "Become a daemon after starting up." -msgstr "" +msgstr "Convertido en un demonio después de la puesta en marcha." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:107 msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" +msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:111 msgid "Run in the foreground, don't become a daemon." -msgstr "" +msgstr "Ejecutar en primer plano, no convertirse en un demonio." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" -msgstr "" +msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -5219,7 +5369,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:135 msgid "<option>--version</option>" -msgstr "" +msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:139 @@ -5229,12 +5379,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.8.xml:147 msgid "Signals" -msgstr "" +msgstr "Señales" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:150 msgid "SIGTERM/SIGINT" -msgstr "" +msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:153 @@ -5246,7 +5396,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:159 msgid "SIGHUP" -msgstr "" +msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:162 @@ -5259,7 +5409,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:170 msgid "SIGUSR1" -msgstr "" +msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -5271,7 +5421,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:179 msgid "SIGUSR2" -msgstr "" +msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:182 @@ -5295,11 +5445,22 @@ msgid "" "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 msgid "sss_obfuscate" -msgstr "" +msgstr "sss_obfuscate" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_obfuscate.8.xml:16 @@ -5313,6 +5474,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" "replaceable></arg>" msgstr "" +"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>[CONTRASEÑA]</" +"replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:32 @@ -5347,7 +5511,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:63 msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" +msgstr "<option>-s</option>,<option>--stdin</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:67 @@ -5355,11 +5519,14 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" msgstr "" +"<option>-d</option>,<option>--domain</option> <replaceable>DOMINIO</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:79 @@ -5373,6 +5540,8 @@ msgstr "" msgid "" "<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" msgstr "" +"<option>-f</option>,<option>--file</option> <replaceable>ARCHIVO</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:91 @@ -5382,7 +5551,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:95 msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" +msgstr "Predeterminado: <filename>/etc/sssd/sssd.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:105 @@ -5390,16 +5559,18 @@ msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_useradd.8.xml:10 sss_useradd.8.xml:15 msgid "sss_useradd" -msgstr "" +msgstr "sss_useradd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_useradd.8.xml:16 msgid "create a new user" -msgstr "" +msgstr "Crea un nuevo usuario" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_useradd.8.xml:21 @@ -5408,6 +5579,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" +"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_useradd.8.xml:32 @@ -5421,6 +5595,7 @@ msgstr "" msgid "" "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" msgstr "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:48 @@ -5435,6 +5610,8 @@ msgid "" "<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" "replaceable>" msgstr "" +"<option>-c</option>,<option>--gecos</option> <replaceable>COMENTARIO</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:60 sss_usermod.8.xml:48 @@ -5449,6 +5626,8 @@ msgid "" "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" "replaceable>" msgstr "" +"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:72 @@ -5465,6 +5644,7 @@ msgstr "" msgid "" "<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" msgstr "" +"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:87 @@ -5480,6 +5660,8 @@ msgid "" "<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" "replaceable>" msgstr "" +"<option>-G</option>,<option>--groups</option> <replaceable>GRUPOS</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:101 @@ -5489,7 +5671,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:107 msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" +msgstr "<option>-m</option>,<option>--create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:111 @@ -5502,13 +5684,15 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:121 msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" +msgstr "<option>-M</option>,<option>--no-create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:125 msgid "" "Do not create the user's home directory. Overrides configuration settings." msgstr "" +"No se crear el directorio principal del usuario. Reemplaza los valores de " +"configuración." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:132 @@ -5516,6 +5700,8 @@ msgid "" "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" "replaceable>" msgstr "" +"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:137 @@ -5539,6 +5725,8 @@ msgid "" "<option>-Z</option>,<option>--selinux-user</option> " "<replaceable>SELINUX_USER</replaceable>" msgstr "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:157 @@ -5560,11 +5748,20 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 msgid "sssd-krb5" -msgstr "" +msgstr "sssd-krb5" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:23 @@ -5619,7 +5816,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:113 msgid "krb5_kpasswd (string)" -msgstr "" +msgstr "krb5_kpasswd (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:116 @@ -5641,7 +5838,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:129 msgid "Default: Use the KDC" -msgstr "" +msgstr "Predeterminado: Use the KDC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:135 @@ -5663,7 +5860,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:151 msgid "Default: /tmp" -msgstr "" +msgstr "Predeterminado: /tmp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:157 @@ -5688,7 +5885,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:179 msgid "%r" -msgstr "" +msgstr "%r" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:180 @@ -5698,7 +5895,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:183 msgid "%h" -msgstr "" +msgstr "%h" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:184 @@ -5708,17 +5905,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:189 msgid "value of krb5ccache_dir" -msgstr "" +msgstr "valor de krb5ccache_dir" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:194 msgid "%P" -msgstr "" +msgstr "%P" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:195 msgid "the process ID of the sssd client" -msgstr "" +msgstr "el ID de proceso del cliente sssd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:160 @@ -5733,12 +5930,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:209 msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" +msgstr "Predeterminado: FILE:%d/krb5cc_%U_XXXXXX" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:215 msgid "krb5_auth_timeout (integer)" -msgstr "" +msgstr "krb5_auth_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:218 @@ -5750,7 +5947,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:241 msgid "krb5_keytab (string)" -msgstr "" +msgstr "krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:244 @@ -5762,12 +5959,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:248 msgid "Default: /etc/krb5.keytab" -msgstr "" +msgstr "Predeterminado: /etc/krb5.keytab" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:254 msgid "krb5_store_password_if_offline (boolean)" -msgstr "" +msgstr "krb5_store_password_if_offline (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:257 @@ -5787,7 +5984,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:275 msgid "krb5_renewable_lifetime (string)" -msgstr "" +msgstr "krb5_renewable_lifetime (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:278 @@ -5799,22 +5996,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 msgid "<emphasis>s</emphasis> seconds" -msgstr "" +msgstr "<emphasis>s</emphasis> segundos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 msgid "<emphasis>m</emphasis> minutes" -msgstr "" +msgstr "<emphasis>m</emphasis> minutos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 msgid "<emphasis>h</emphasis> hours" -msgstr "" +msgstr "<emphasis>h</emphasis> horas" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 msgid "<emphasis>d</emphasis> days." -msgstr "" +msgstr "<emphasis>d</emphasis> días." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 @@ -5837,7 +6034,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:311 msgid "krb5_lifetime (string)" -msgstr "" +msgstr "krb5_lifetime (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:314 @@ -5862,7 +6059,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:347 msgid "krb5_renew_interval (integer)" -msgstr "" +msgstr "krb5_renew_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:350 @@ -5879,7 +6076,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:365 msgid "krb5_use_fast (string)" -msgstr "" +msgstr "krb5_use_fast (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:368 @@ -5930,7 +6127,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:400 msgid "krb5_fast_principal (string)" -msgstr "" +msgstr "krb5_fast_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:403 @@ -5972,6 +6169,10 @@ msgid "" " krb5_server = 192.168.1.1\n" " krb5_realm = EXAMPLE.COM\n" msgstr "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXAMPLE.COM\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:453 @@ -5981,16 +6182,20 @@ msgid "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 msgid "sss_groupadd" -msgstr "" +msgstr "sss_groupadd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupadd.8.xml:16 msgid "create a new group" -msgstr "" +msgstr "Crea un nuevo grupo" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupadd.8.xml:21 @@ -5999,6 +6204,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GRUPO</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:32 @@ -6013,6 +6221,7 @@ msgstr "" msgid "" "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" msgstr "" +"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupadd.8.xml:48 @@ -6034,16 +6243,25 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_userdel.8.xml:10 sss_userdel.8.xml:15 msgid "sss_userdel" -msgstr "" +msgstr "sss_userdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_userdel.8.xml:16 msgid "delete a user account" -msgstr "" +msgstr "eliminar una cuenta de usuario" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_userdel.8.xml:21 @@ -6052,6 +6270,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" +"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:32 @@ -6063,7 +6284,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:44 msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" +msgstr "<option>-r</option>,<option>--remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:48 @@ -6075,7 +6296,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:56 msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" +msgstr "<option>-R</option>,<option>--no-remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:60 @@ -6087,7 +6308,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:68 msgid "<option>-f</option>,<option>--force</option>" -msgstr "" +msgstr "<option>-f</option>,<option>--force</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:72 @@ -6099,12 +6320,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:80 msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" +msgstr "<option>-k</option>,<option>--kick</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:84 msgid "Before actually deleting the user, terminate all his processes." -msgstr "" +msgstr "Antes de realmente eliminar al usuario, terminar todos sus procesos." #. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:95 @@ -6119,16 +6340,25 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 msgid "sss_groupdel" -msgstr "" +msgstr "sss_groupdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupdel.8.xml:16 msgid "delete a group" -msgstr "" +msgstr "eliminar un grupo" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupdel.8.xml:21 @@ -6137,6 +6367,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GRUPO</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:32 @@ -6158,11 +6391,20 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 msgid "sss_groupshow" -msgstr "" +msgstr "sss_groupshow" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupshow.8.xml:16 @@ -6176,6 +6418,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GRUPO</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupshow.8.xml:32 @@ -6188,7 +6433,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupshow.8.xml:43 msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" +msgstr "<option>-R</option>,<option>--recursive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupshow.8.xml:47 @@ -6210,16 +6455,24 @@ msgid "" "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_usermod.8.xml:10 sss_usermod.8.xml:15 msgid "sss_usermod" -msgstr "" +msgstr "sss_usermod" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_usermod.8.xml:16 msgid "modify a user account" -msgstr "" +msgstr "Modifica una cuenta de usuario" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_usermod.8.xml:21 @@ -6228,6 +6481,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" +"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_usermod.8.xml:32 @@ -6240,12 +6496,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:60 msgid "The home directory of the user account." -msgstr "" +msgstr "El directorio principal de la cuenta de usuario." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:71 msgid "The user's login shell." -msgstr "" +msgstr "Shell de inicio de sesión del usuario." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:82 @@ -6265,7 +6521,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:103 msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" +msgstr "<option>-l</option>,<option>--lock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:107 @@ -6275,7 +6531,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:114 msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" +msgstr "<option>-u</option>,<option>--unlock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:118 @@ -6300,11 +6556,335 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" -msgstr "" +msgstr "SERVICIO DE DESCUBRIMIENTO" #. type: Content of: <refsect1><para> #: include/service_discovery.xml:4 @@ -6316,7 +6896,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:9 msgid "Configuration" -msgstr "" +msgstr "Configuración" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:11 @@ -6333,7 +6913,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:23 msgid "The domain name" -msgstr "" +msgstr "El nombre de dominio" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:25 @@ -6346,7 +6926,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:35 msgid "The protocol" -msgstr "" +msgstr "El protocolo" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:37 @@ -6369,7 +6949,7 @@ msgstr "" #. type: Content of: outside any tag (error?) #: include/upstream.xml:1 msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>" #. type: Content of: <refsect1><title> #: include/failover.xml:2 @@ -6433,12 +7013,119 @@ msgstr "" #. type: Content of: <varlistentry><term> #: include/param_help.xml:3 msgid "<option>-h</option>,<option>--help</option>" -msgstr "" +msgstr "<option>-h</option>,<option>--help</option>" #. type: Content of: <varlistentry><listitem><para> #: include/param_help.xml:7 msgid "Display help message and exit." +msgstr "Muestra mensaje de ayuda y sale." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." msgstr "" -#~ msgid "Supported services: nss, pam" -#~ msgstr "Servicios soportados: nss, pam" +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/et.po b/src/man/po/et.po deleted file mode 100644 index 0611a0208..000000000 --- a/src/man/po/et.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Estonian (http://www.transifex.net/projects/p/fedora/team/" -"et/)\n" -"Language: et\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/fa.po b/src/man/po/fa.po deleted file mode 100644 index ac0b39931..000000000 --- a/src/man/po/fa.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Persian (http://www.transifex.net/projects/p/fedora/team/" -"fa/)\n" -"Language: fa\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/fi.po b/src/man/po/fi.po deleted file mode 100644 index ba151a7b8..000000000 --- a/src/man/po/fi.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Finnish (http://www.transifex.net/projects/p/fedora/team/" -"fi/)\n" -"Language: fi\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/fr.po b/src/man/po/fr.po index 24c761ab2..6807e0048 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -3,12 +3,14 @@ # This file is distributed under the same license as the sssd-docs package. # # Translators: +# Fabien Archambault <marbolangos@gmail.com>, 2012. +# <sgallagh@redhat.com>, 2012. msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2011-12-21 10:12+0000\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-12 20:08+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: French <trans-fr@lists.fedoraproject.org>\n" "Language: fr\n" @@ -22,9 +24,11 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" -msgstr "" +msgstr "Manuel de SSSD" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 @@ -35,7 +39,8 @@ msgstr "sss_groupmod" #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" msgstr "8" @@ -61,6 +66,8 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "DESCRIPTION" @@ -77,6 +84,8 @@ msgstr "" #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "OPTIONS" @@ -119,12 +128,13 @@ msgstr "" "<replaceable>GROUPS</replaceable>." #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" msgstr "VOIR AUSSI" @@ -189,8 +199,8 @@ msgid "" " " msgstr "" " <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" <replaceable>clef</replaceable> = <replaceable>valeur</replaceable>\n" +" <replaceable>clef2</replaceable> = <replaceable>valeur2, valeur3</replaceable>\n" " " #. type: Content of: <reference><refentry><refsect1><para> @@ -201,6 +211,10 @@ msgid "" "until the next section begins. An example of section with single and multi-" "valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +"Ce fichier utilise la syntaxe « ini-style » et est constituée de sections " +"ainsi que de paramètres. Une sections commence par le nom de la section " +"entre guillements et continue jusqu'à la section suivante. Un exemple de " +"section avec des paramètres : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:36 @@ -237,7 +251,7 @@ msgid "" "<filename>sssd.conf</filename> must be a regular file, owned by root and " "only root may read from or write to the file." msgstr "" -"<filename>sssd.conf</filename> doit être un fichier possédé par root et seul " +"<filename>sssd.conf</filename> doit être un fichier possédé par root, seul " "root peut écrire et lire ce fichier." #. type: Content of: <reference><refentry><refsect1><title> @@ -251,7 +265,7 @@ msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "Paramètres de section" @@ -304,7 +318,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:102 sssd.conf.5.xml:265 msgid "Default: 3" -msgstr "Défaut : 3" +msgstr "Par défaut : 3" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:107 @@ -345,9 +359,9 @@ msgid "" "which translates to \"the name is everything up to the <quote>@</quote> " "sign, the domain everything after that\"" msgstr "" -"Défaut : <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> qui " -"se traduit par « peu importe le nom jusqu'au <quote>@</quote>, peu importe " -"le domaine après »" +"Par défaut : <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"qui se traduit par « peu importe le nom jusqu'au <quote>@</quote>, peu " +"importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:132 @@ -382,11 +396,14 @@ msgid "" "manvolnum> </citerefentry>-compatible format that describes how to translate " "a (name, domain) tuple into a fully qualified name." msgstr "" +"Un format compatible <citerefentry> <refentrytitle>printf</refentrytitle> " +"<manvolnum>3</manvolnum> </citerefentry> décrivant la traduction (nom, " +"domaine) d'un tuple en un domaine totalement qualifé." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:157 msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "Défaut : <quote>%1$s@%2$s</quote>." +msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:162 @@ -401,6 +418,10 @@ msgid "" "this, and will fall back to polling resolv.conf every five seconds if " "inotify cannot be used." msgstr "" +"SSSD gère l'état de resolv.conf pour identifier les besoins de mise à jour " +"des résolutions de DNS internes. Par défaut, l'utilisation de inotify sera " +"faite et tentera de scanner resolv.conf toutes les cinq secondes si inotify " +"échoue." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:173 @@ -410,7 +431,7 @@ msgid "" "to 'false'" msgstr "" "Il existe quelques cas spécifiques où l'utilisation de inotify n'est pas " -"conseillée. Dans ces rares cas, cette option devrait être mise à « false »" +"conseillée. Dans ces rares cas, cette option devrait être définie à « false »" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:179 @@ -418,8 +439,8 @@ msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" -"Défaut : true sur les platformes où inotify est supporté. False sur les " -"autres plateformes." +"Par défaut : true sur les platformes où inotify est pris en charge. False " +"sur les autres plateformes." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:183 @@ -433,7 +454,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:190 msgid "krb5_rcache_dir (string)" -msgstr "" +msgstr "krb5_rcache_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:193 @@ -494,7 +515,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:225 msgid "General service configuration options" -msgstr "" +msgstr "Options générales de configuration du service" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:227 @@ -517,15 +538,15 @@ msgid "Add a timestamp to the debug messages" msgstr "Ajoute un horodatage aux messages de débogage" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" -msgstr "Défaut : true" +msgstr "Par défaut : true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:246 msgid "debug_microseconds (bool)" -msgstr "" +msgstr "debug_microseconds (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:249 @@ -533,20 +554,40 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 msgid "Default: false" -msgstr "" +msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 +msgid "fd_limit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:273 +msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 msgid "command (string)" msgstr "command (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 +#: sssd.conf.5.xml:290 msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " @@ -559,17 +600,17 @@ msgstr "" "défaut sont suffisantes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" -msgstr "Défaut : <command>sssd_${service_name}</command>" +msgstr "Par défaut : <command>sssd_${service_name}</command>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" msgstr "Options de configuration NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -577,29 +618,31 @@ msgstr "" "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" +"Combien de secondes nss_sss doit-il mettre en cache les énumérations " +"(requêtes pour les informations sur tous les utilisateurs)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" -msgstr "Défaut : 120" +msgstr "Par défaut : 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -610,7 +653,7 @@ msgstr "" "valeur de entry_cache_timeout pour le domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -625,7 +668,7 @@ msgstr "" "requêtes ne seront pas bloquées en attendant une mise à jour du cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -638,17 +681,17 @@ msgstr "" "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" -msgstr "" +msgstr "Par défaut : 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -660,17 +703,17 @@ msgstr "" "nouveau l'arrière plan." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" -msgstr "Défaut : 15" +msgstr "Par défaut : 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -684,17 +727,17 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" -msgstr "Défaut : root" +msgstr "Par défaut : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -702,170 +745,176 @@ msgstr "" "à « false »." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" msgstr "override_homedir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "%u" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "nom de connexion" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "%U" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" -msgstr "" +msgstr "paramètre UID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" msgstr "%d" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" msgstr "nom de domaine" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" msgstr "%f" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "nom d'utilisateur qualifié totalement (utilisateur@domaine)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" msgstr "%%" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "un « % » littéral" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Réécrit le répertoire maison utilisateur. Vous pouvez fournir une valeur " -"absolue ou un modèle. Dans le modèle, les séquences suivantes sont " +"Réécrit le répertoire personnel de l'utilisateur. Vous pouvez fournir une " +"valeur absolue ou un modèle. Dans le modèle, les séquences suivantes sont " "substituées :<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "Cette option peut aussi être définie pour chaque domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" msgstr "allowed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" -"Restreindre le shell de l'utilisateur à une valeur. L'ordre d'évaluation " -"est :" +"Restreindre l'interpréteur de commandes de l'utilisateur à une valeur. " +"L'ordre d'évaluation est :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" -"1. Si le shell est présent dans <quote>/etc/shells</quote> il est utilisé." +"1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</" +"quote> il est utilisé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" -"2. Si le shell est dans la liste « allowed_shells » mais n'est pas dans " -"<quote>/etc/shells</quote>, l'utilisation de la valeur « shell_fallback » " -"sera faite." +"2. Si l'interpréteur de commandes est dans la liste « allowed_shells » mais " +"n'est pas dans <quote>/etc/shells</quote>, l'utilisation de la valeur « " +"shell_fallback » sera faite." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" -"3. Si le shell n'est ni dans la liste « allowed_shells » ni dans <quote>/etc/" -"shells</quote>, une connexion sans shell est utlisée." +"3. Si l'interpréteur de commandes n'est ni dans la liste « allowed_shells » " +"ni dans <quote>/etc/shells</quote>, une connexion sans shell est utlisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." -msgstr "Une chaîne vide pour le shell est passée comme elle est à la libc." +msgstr "" +"Une chaîne vide pour l'interpréteur de commandes est passée comme elle est à " +"la libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" "Le fichier <quote>/etc/shells</quote> n'est lu qu'au démarrage de SSSD. Un " -"redémarrage de SSSD est nécessaire si un nouveau shell est installé." +"redémarrage de SSSD est nécessaire si un nouvel interpréteur de commandes " +"est installé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" -"Défaut : non défini. Le shell de l'utilisateur est utilisé automatiquement." +"Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est " +"utilisé automatiquement." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" msgstr "vetoed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" -"Remplacer toutes les occurences de ces shells par le « shell_fallback »" +"Remplacer toutes les occurences de ces interpréteurs de commandes par " +"l'interpréteur de commandes par défaut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" msgstr "shell_fallback (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" -"Le shell par défaut à utiliser si un shell autorisé n'est pas installé sur " -"la machine." +"L'interpréteur de commandes par défaut à utiliser si un interpréteur de " +"commandes autorisé n'est pas installé sur la machine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" -msgstr "Défaut : /bin/sh" +msgstr "Par défaut : /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -874,12 +923,12 @@ msgstr "" "(PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -889,17 +938,17 @@ msgstr "" "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" -msgstr "Défaut : 0 (pas de limite)" +msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -908,12 +957,12 @@ msgstr "" "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -922,7 +971,7 @@ msgstr "" "atteint avant qu'une nouvelle tentative soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -930,17 +979,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" -msgstr "Défaut : 5" +msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -949,44 +998,44 @@ msgstr "" "d'authentification. Le nombre le plus grand affichera plus de messages." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" -msgstr "Défaut : 1" +msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -998,7 +1047,7 @@ msgstr "" "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1012,17 +1061,17 @@ msgstr "" "retour avec le fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant que le mot de passe n'expire." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1033,50 +1082,35 @@ msgstr "" "manquante, sssd ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" -msgstr "Défaut : 7" +msgstr "Par défaut : 7" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -#, fuzzy -#| msgid "NSS configuration options" +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" -msgstr "Options de configuration NSS" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -#, fuzzy -#| msgid "These options can be used to configure any service." +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." -msgstr "Ces options peuvent être utilisées pour configurer les services." +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" -msgstr "enum_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -#, fuzzy -#| msgid "" -#| "For any PAM request while SSSD is online, the SSSD will attempt to " -#| "immediately update the cached identity information for the user in order " -#| "to ensure that authentication takes place with the latest information." +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " "ruleset." msgstr "" -"Pour chaque requête PAM quand SSSD est déconnecté, le SSSD tentera de mettre " -"à jour immédiatement les informations d'identité mises en cache pour " -"l'utilisateur de manière à s'assurer que l'authentification se fasse avec " -"les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " @@ -1085,83 +1119,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -#, fuzzy -#| msgid "Default: 10" +#: sssd.conf.5.xml:645 msgid "Default: 180" -msgstr "Défaut : 10" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -#, fuzzy -#| msgid "debug_timestamps (bool)" +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" -msgstr "debug_timestamps (booléen)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -#, fuzzy -#| msgid "NSS configuration options" +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" -msgstr "Options de configuration NSS" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -#, fuzzy -#| msgid "These options can be used to configure any service." +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." -msgstr "Ces options peuvent être utilisées pour configurer les services." +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -#, fuzzy -#| msgid "entry_negative_timeout (integer)" +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" -msgstr "entry_negative_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -#, fuzzy -#| msgid "" -#| "Specifies for how many seconds nss_sss should cache negative cache hits " -#| "(that is, queries for invalid database entries, like nonexistent ones) " -#| "before asking the back end again." -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +#: sssd.conf.5.xml:679 +msgid "" +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -"Spécifie le temps, en secondes, pendant lequel nss_sss doit mettre en cache " -"les résultats négatifs du cache (c'est-à-dire les requêtes pour les bases de " -"données invalides, comme celles qui n'existent pas) avant d'appeler à " -"nouveau l'arrière plan." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1170,7 +1185,7 @@ msgstr "" "dehors de ces limites, il est ignoré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1183,17 +1198,17 @@ msgstr "" "plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" msgstr "timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." @@ -1203,17 +1218,17 @@ msgstr "" "répondre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" -msgstr "Défaut : 10" +msgstr "Par défaut : 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1222,22 +1237,22 @@ msgstr "" "valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont comptés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" -msgstr "Défaut : FALSE" +msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1253,7 +1268,7 @@ msgstr "" "importante liée au processus d'énumération." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1263,7 +1278,7 @@ msgstr "" "complétion." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1277,12 +1292,12 @@ msgstr "" "le id_provider spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1291,122 +1306,88 @@ msgstr "" "valides avant d'appeler à nouveau l'arrière plan" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" -msgstr "Défaut : 5400" +msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" -msgstr "entry_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" -"Combien de temps en secondes doit considérer nss_sss les entrées comme " -"valides avant d'appeler à nouveau l'arrière plan" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" -msgstr "entry_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" -msgstr "entry_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" -"Combien de temps en secondes doit considérer nss_sss les entrées comme " -"valides avant d'appeler à nouveau l'arrière plan" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" -msgstr "entry_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" -"Combien de temps en secondes doit considérer nss_sss les entrées comme " -"valides avant d'appeler à nouveau l'arrière plan" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" -msgstr "entry_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" -"Combien de temps en secondes doit considérer nss_sss les entrées comme " -"valides avant d'appeler à nouveau l'arrière plan" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les crédits utilisateur sont aussi mis en cache dans le cache " "LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1414,54 +1395,54 @@ msgid "" "offline_credentials_expiration." msgstr "" "Nombre de jours où les entrées sont stockées dans le cache après la dernière " -"connexion réussie avant d'être enlevé lors du nettoyage du cache. 0 veut " +"connexion réussie avant d'être enlevées lors du nettoyage du cache. 0 veut " "dire conservé pour toujours. La valeur de ce paramètre doit être supérieur " "ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" msgstr "Défault: 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" "L'identité du fournisseur de données en arrière-plan à utiliser pour le " "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" -msgstr "Moteurs supportés :" +msgstr "Moteurs pris en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "proxy: supporte l'ancien protocole NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "local: protocole SSSD interne et local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "ldap: protocole LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1475,12 +1456,12 @@ msgstr "" "test@LOCAL</command> ne le trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1489,7 +1470,7 @@ msgstr "" "autorisés sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1501,7 +1482,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1512,7 +1493,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -1520,26 +1501,26 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" -"Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " +"Par défaut : <quote>id_provider</quote> est utilisé s'il est définit et peut " "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1550,17 +1531,17 @@ msgstr "" "plan). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." msgstr "<quote>permit</quote> autoriser l'accès de manière permanente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> refuser l'accès de manière permanente.." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1573,17 +1554,17 @@ msgstr "" "configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" -msgstr "Défaut : <quote>permit</quote>" +msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1592,7 +1573,7 @@ msgstr "" "domaine. Les fournisseurs acceptés sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1604,7 +1585,7 @@ msgstr "" "l'IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1616,7 +1597,7 @@ msgstr "" "serveur LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1628,7 +1609,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -1636,138 +1617,87 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> désactiver le changement de mot de passe explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" -"Défaut : <quote>auth_provider</quote> est utilisé si il est défini et peut " -"gérer les changements de mot de passe." +"Par défaut : <quote>auth_provider</quote> est utilisé si il est définit et " +"peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -#, fuzzy -#| msgid "id_provider (string)" +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" -msgstr "id_provider (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -#, fuzzy -#| msgid "" -#| "The authentication provider used for the domain. Supported auth " -#| "providers are:" +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" -"Le fournisseur d'authentification utilisé pour le domaine. Les fournisseurs " -"autorisés sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote> to change a password stored in a LDAP server. See " -#| "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" -"<quote>ldap</quote> pour changer le mot de passe stocké sur un serveur LDAP. " -"Voir <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> pour plus d'informations sur la configuration du " -"serveur LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -#, fuzzy -#| msgid "<quote>none</quote> disables authentication explicitly." +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "<quote>none</quote> désactive l'authentification explicitement." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -#, fuzzy -#| msgid "" -#| "Default: <quote>id_provider</quote> is used if it is set and can handle " -#| "authentication requests." +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" -"Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " -"gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -#, fuzzy -#| msgid "access_provider (string)" +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" -msgstr "access_provider (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -#, fuzzy -#| msgid "" -#| "The provider which should handle change password operations for the " -#| "domain. Supported change password providers are:" +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" -"Le fournisseur qui devrait gérer le changement des mots de passe pour le " -"domaine. Les fournisseurs acceptés sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to change a password stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" -"<quote>ipa</quote> pour changer le mot de passe stocké sur un serveur IPA. " -"Voir <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> pour plus d'informations sur la configuration de " -"l'IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -#, fuzzy -#| msgid "<quote>none</quote> disallows password changes explicitly." +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" -"<quote>none</quote> désactiver le changement de mot de passe explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -#, fuzzy -#| msgid "" -#| "Default: <quote>id_provider</quote> is used if it is set and can handle " -#| "authentication requests." +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" -"Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut " -"gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -1776,62 +1706,62 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" msgstr "Valeurs autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essaye de chercher une IPv4, si ça échoue, essaye une IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tente de résoudre que les noms de domaines en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essaye de chercher une IPv6, si ça échoue, essaye une IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tente de résoudre que les noms de domaines en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" -msgstr "Défaut : ipv4_first" +msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " "the domain will continue to operate in offline mode." msgstr "" -"Défini le temps (en secondes) à attendre la réponse de l'interpréteur DNS " +"Définit le temps (en secondes) à attendre la réponse de l'interpréteur DNS " "avant de considérer qu'il est injoignable. Si ce délai maximum est atteint, " "le domaine continuera en mode déconnecté." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -1841,41 +1771,41 @@ msgstr "" "de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" msgstr "" -"Défaut : utilise la partie du domaine qui est dans le nom d'hôte de la " +"Par défaut : utilise la partie du domaine qui est dans le nom d'hôte de la " "machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." -msgstr "Redéfini le GID primaire avec la valeur spécifiée." +msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" -msgstr "" +msgstr "case_sensitive (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" -msgstr "" +msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -1887,31 +1817,31 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible auquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" -"Défaut : non défini, vous devez prendre une configuration de pam exsitante " -"ou créer une nouvelle et ajouter le nom de service ici." +"Par défaut : non défini, vous devez prendre une configuration de pam " +"exsitante ou créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1922,7 +1852,7 @@ msgstr "" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -1931,12 +1861,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1947,81 +1877,81 @@ msgstr "" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" -"Le shell par défaut pour les utilisateurs créés avec les outils de l'espace " -"utilisateur SSSD." +"L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " +"outils de l'espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" "Les outils ajoutent le nom d'utilisateur à <replaceable>base_directory</" -"replaceable> et l'utilise comme dossier maison." +"replaceable> et l'utilise comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" -"Indique si un dossier maison doit être créé par défaut pour les nouveaux " +"Indique si un dossier personnel doit être créé par défaut pour les nouveaux " "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" -"Indique si un dossier maison doit être supprimé par défaut à la suppression " -"des utilisateurs. Peut être outrepassé par la ligne de commande." +"Indiquer si un dossier personnel doit être supprimé par défaut à la " +"suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2029,20 +1959,20 @@ msgid "" msgstr "" "Utilisé par <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> pour spécifier les permissions par " -"défaut sur un répertoire maison nouvellement créé." +"défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2050,22 +1980,22 @@ msgid "" "manvolnum> </citerefentry>" msgstr "" "Le répertoire squelette contenant les fichiers et répertoires à copier dans " -"le répertoire maison utilisateur une fois ce répertoire créé par " +"le répertoire personnel de l'utilisateur une fois ce répertoire créé par " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2076,17 +2006,17 @@ msgstr "" "par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2097,18 +2027,18 @@ msgstr "" "commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" -msgstr "Par défaut : aucune commande lancée" +msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -2162,7 +2092,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2175,7 +2105,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -2274,16 +2204,16 @@ msgid "" msgstr "" "Spécifie la liste des URI des serveurs LDAP, séparées par des virgules, vers " "lequel SSSD doit se connecter dans l'ordre de préférence. Se référer à la " -"section <quote>FAILOVER</quote> pour plus d'informations sur le « failover » " -"et la redondance serveur. Si non spécifié, « service discovery » est activé. " -"Se référer à la section <quote>SERVICE DISCOVERY</quote> pour plus " -"d'informations." +"section <quote>BASCULEMENT</quote> pour plus d'informations sur le " +"basculement et la redondance serveur. Si non spécifié, « service discovery » " +"est activé. Se référer à la section <quote>SERVICE DISCOVERY</quote> pour " +"plus d'informations." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:70 msgid "The format of the URI must match the format defined in RFC 2732:" msgstr "" -"Le format de l'URI doit correspondre au format défini dans la RFC 2732 :" +"Le format de l'URI doit correspondre au format définit dans la RFC 2732 :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:73 @@ -2368,7 +2298,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:126 msgid "Examples:" -msgstr "" +msgstr "Exemples :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:129 @@ -2425,7 +2355,7 @@ msgstr "" "Spécifie le schéma type à utiliser pour le serveur LDAP cible. Selon le " "schéma choisi, l'attribut nom par défaut recherché sur les serveurs peut " "varier. La façon de gérer les attributs peut aussi varier. Trois schémas " -"sont actuellement supportés : rfc2307, rfc2307bis et IPA. La différence " +"sont actuellement pris en charge : rfc2307, rfc2307bis et IPA. La différence " "principale entre ces types de schéma est comment l'appartenance au groupe " "est enregistrée sur le serveur. Avec rfc2307 les membres du groupe sont " "listés par nom dans l'attribut <emphasis>memberUid</emphasis>. Avec " @@ -2461,7 +2391,7 @@ msgstr "Le type de jeton d'authentification pour le lien DN par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:203 msgid "The two mechanisms currently supported are:" -msgstr "Les deux mécanismes actuellement supportés sont :" +msgstr "Les deux mécanismes actuellement pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:206 @@ -2490,7 +2420,7 @@ msgid "" "are currently supported." msgstr "" "Le jeton d'authentification pour le lien DN par défaut. Seulement des mots " -"de passe en clair sont actuellement supportés." +"de passe en clair sont actuellement pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:228 @@ -2571,52 +2501,56 @@ msgstr "Par défaut : gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:292 msgid "ldap_user_home_directory (string)" -msgstr "" +msgstr "ldap_user_home_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:295 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" +"L'attribut LDAP qui contient le nom du répertoire personnel de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:299 msgid "Default: homeDirectory" -msgstr "" +msgstr "Par défaut : Répertoire_personnel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:305 msgid "ldap_user_shell (string)" -msgstr "" +msgstr "ldap_user_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:308 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" +"L'attribut LDAP qui contient le chemin vers l'interpréteur de commandes de " +"l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:312 msgid "Default: loginShell" -msgstr "" +msgstr "Par défaut : loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:318 msgid "ldap_user_uuid (string)" -msgstr "" +msgstr "ldap_user_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:321 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" +"L'attribut LDAP qui contient les UUID/GUID d'un objet utilisateur LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 msgid "Default: nsUniqueId" -msgstr "" +msgstr "Par défaut : nsUniqueId" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:331 msgid "ldap_user_modify_timestamp (string)" -msgstr "" +msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 @@ -2624,16 +2558,18 @@ msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" +"L'attribut LDAP qui contient l'horodatage de la dernière modification de " +"l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 msgid "Default: modifyTimestamp" -msgstr "" +msgstr "Par défaut : modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:344 msgid "ldap_user_shadow_last_change (string)" -msgstr "" +msgstr "ldap_user_shadow_last_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:347 @@ -2643,16 +2579,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " "the last password change)." msgstr "" +"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de " +"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (date de changement " +"du dernier mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:357 msgid "Default: shadowLastChange" -msgstr "" +msgstr "Par défaut : shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:363 msgid "ldap_user_shadow_min (string)" -msgstr "" +msgstr "ldap_user_shadow_min (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:366 @@ -2662,16 +2602,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " "password age)." msgstr "" +"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de " +"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (durée de validité " +"minimum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:375 msgid "Default: shadowMin" -msgstr "" +msgstr "Par défaut : shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:381 msgid "ldap_user_shadow_max (string)" -msgstr "" +msgstr "ldap_user_shadow_max (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:384 @@ -2681,16 +2625,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " "password age)." msgstr "" +"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de " +"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (âge maximum du mot " +"de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:393 msgid "Default: shadowMax" -msgstr "" +msgstr "Par défaut : shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:399 msgid "ldap_user_shadow_warning (string)" -msgstr "" +msgstr "ldap_user_shadow_warning (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:402 @@ -2700,16 +2648,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password warning period)." msgstr "" +"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de " +"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (période " +"d'avertissement du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:412 msgid "Default: shadowWarning" -msgstr "" +msgstr "Par défaut : shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:418 msgid "ldap_user_shadow_inactive (string)" -msgstr "" +msgstr "ldap_user_shadow_inactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:421 @@ -2719,16 +2671,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password inactivity period)." msgstr "" +"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de " +"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (période " +"d'inactivité du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:431 msgid "Default: shadowInactive" -msgstr "" +msgstr "Par défaut : shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_expire (string)" -msgstr "" +msgstr "ldap_user_shadow_expire (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:440 @@ -2738,16 +2694,20 @@ msgid "" "<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> counterpart (account expiration date)." msgstr "" +"En utilisant ldap_pwd_policy=shadow ou ldap_account_expire_policy=shadow, ce " +"paramètre contient le nom de l'attribut LDAP correspondant à <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> (date d'expiration du compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:450 msgid "Default: shadowExpire" -msgstr "" +msgstr "Par défaut : shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:456 msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" +msgstr "ldap_user_krb_last_pwd_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:459 @@ -2756,16 +2716,19 @@ msgid "" "an LDAP attribute storing the date and time of last password change in " "kerberos." msgstr "" +"En utilisant ldap_pwd_policy=mit_kerberos, ce paramètre contient le nom d'un " +"attribut LDAP stockant la date et l'heure du dernier changement de mot de " +"passe dans kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:465 msgid "Default: krbLastPwdChange" -msgstr "" +msgstr "Par défaut : krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:471 msgid "ldap_user_krb_password_expiration (string)" -msgstr "" +msgstr "ldap_user_krb_password_expiration (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:474 @@ -2773,16 +2736,19 @@ msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" +"En utilisant ldap_pwd_policy=mit_kerberos, ce paramètre contient le nom d'un " +"attribut LDAP stockant la date et l'heure d'expiration du mot de passe " +"actuel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:480 msgid "Default: krbPasswordExpiration" -msgstr "" +msgstr "Par défaut : krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:486 msgid "ldap_user_ad_account_expires (string)" -msgstr "" +msgstr "ldap_user_ad_account_expires (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:489 @@ -2790,16 +2756,18 @@ msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" +"En utilisant ldap_account_expire_policy=ad, ce paramètre contient le nom " +"d'un attribut LDAP stockant la date d'expiration du compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:494 msgid "Default: accountExpires" -msgstr "" +msgstr "Par défaut : accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:500 msgid "ldap_user_ad_user_account_control (string)" -msgstr "" +msgstr "ldap_user_ad_user_account_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:503 @@ -2807,16 +2775,18 @@ msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" +"En utilisant ldap_account_expire_policy=ad, ce paramètre contient le nom " +"d'un attribut LDAP stockant le champ de contrôle du compte utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:508 msgid "Default: userAccountControl" -msgstr "" +msgstr "Par défaut : userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:514 msgid "ldap_ns_account_lock (string)" -msgstr "" +msgstr "ldap_ns_account_lock (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:517 @@ -2824,16 +2794,18 @@ msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" +"En utilisant ldap_account_expire_policy=rhds ou un équivalent, ce paramètre " +"détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:522 msgid "Default: nsAccountLock" -msgstr "" +msgstr "Par défaut : nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:528 msgid "ldap_user_nds_login_disabled (string)" -msgstr "" +msgstr "ldap_user_nds_login_disabled (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:531 @@ -2841,16 +2813,18 @@ msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" +"En utilisant ldap_account_expire_policy=nds, cet attribut détermine si " +"l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 msgid "Default: loginDisabled" -msgstr "" +msgstr "Par défaut : loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:541 msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" +msgstr "ldap_user_nds_login_expiration_time (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:544 @@ -2858,11 +2832,13 @@ msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" +"En utilisant ldap_account_expire_policy=nds, cet attribut détermine jusqu'à " +"quand l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:555 msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" +msgstr "ldap_user_nds_login_allowed_time_map (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:558 @@ -2870,16 +2846,18 @@ msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" +"En utilisant ldap_account_expire_policy=nds, cet attribut détermine les " +"heures de la semaine auxquelles l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:563 msgid "Default: loginAllowedTimeMap" -msgstr "" +msgstr "Par défaut : loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:569 msgid "ldap_user_principal (string)" -msgstr "" +msgstr "ldap_user_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:572 @@ -2887,30 +2865,28 @@ msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" +"L'attribut LDAP qui contient le nom principal d'utilisateur (UPN) Kerberos " +"de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:576 msgid "Default: krbPrincipalName" -msgstr "" +msgstr "Par défaut : krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:582 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_ssh_public_key (string)" -msgstr "ldap_user_search_base (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:585 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:592 msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" +msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:595 @@ -2920,11 +2896,15 @@ msgid "" "fail. Set this option to a non-zero value if you want to use an upper-case " "realm." msgstr "" +"Quelques répertoires serveur, par exemple Active Directory, peuvent délivrer " +"la partie réelle de l'UPN en minuscule, ce qui peut faire échouer " +"l'authentification. Définir cette option à une valeur non nulle pour " +"utiliseur une version en majuscule." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:608 msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" +msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:611 @@ -2936,14 +2916,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 msgid "Default: 300" -msgstr "" +msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:622 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "ldap_purge_cache_timeout (integer)" -msgstr "enum_cache_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:625 @@ -2952,53 +2930,57 @@ msgid "" "with no members and users who have never logged in) and remove them to save " "space." msgstr "" +"Déterminer la fréquence pour vérifier le cache pour des entrées inactives " +"(telles que les groupes sans membres et utilisateurs qui ne se sont jamais " +"connectés) et les supprimer pour sauvegarder de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:631 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" +"Mettre cette option à zéro désactive l'opération de nettoyage du cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:635 msgid "Default: 10800 (12 hours)" -msgstr "" +msgstr "Par défaut : 1800 (12 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:641 msgid "ldap_user_fullname (string)" -msgstr "" +msgstr "ldap_user_fullname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:644 msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" +msgstr "L'attribut LDAP qui correspond au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 #: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 #: sssd-ipa.5.xml:422 msgid "Default: cn" -msgstr "" +msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:654 msgid "ldap_user_member_of (string)" -msgstr "" +msgstr "ldap_user_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:657 msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" +msgstr "L'attribut LDAP qui liste l'appartenance au groupe de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 msgid "Default: memberOf" -msgstr "" +msgstr "Par défaut : memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:667 msgid "ldap_user_authorized_service (string)" -msgstr "" +msgstr "ldap_user_authorized_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:670 @@ -3007,6 +2989,9 @@ msgid "" "use the presence of the authorizedService attribute in the user's LDAP entry " "to determine access privilege." msgstr "" +"Si access_provider=ldap et ldap_access_order=authorized_service, SSSD " +"utilisera la présence de l'attribut authorizedService dans l'entrée LDAP de " +"l'utilisateur pour déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:677 @@ -3014,16 +2999,18 @@ msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" +"Le refus explicite (!svc) est résolu en premier. Ensuite, SSSD cherche une " +"autorisation explicite (svc) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:682 msgid "Default: authorizedService" -msgstr "" +msgstr "Par défaut : authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:688 msgid "ldap_user_authorized_host (string)" -msgstr "" +msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:691 @@ -3032,6 +3019,9 @@ msgid "" "presence of the host attribute in the user's LDAP entry to determine access " "privilege." msgstr "" +"Si access_provider=ldap et ldap_access_order=host, SSSD va utiliser la " +"présence de l'attribut d'hôte dans l'entrée LDAP de l'utilisateur pour " +"déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:697 @@ -3039,81 +3029,83 @@ msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" +"Le refus explicite (!host) est résolu en premier. Ensuite, SSSD cherche les " +"autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:702 msgid "Default: host" -msgstr "" +msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:708 msgid "ldap_group_object_class (string)" -msgstr "" +msgstr "ldap_group_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:711 msgid "The object class of a group entry in LDAP." -msgstr "" +msgstr "La classe objet d'une entrée de groupe dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:714 msgid "Default: posixGroup" -msgstr "" +msgstr "Par défaut : posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:720 msgid "ldap_group_name (string)" -msgstr "" +msgstr "ldap_group_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:723 msgid "The LDAP attribute that corresponds to the group name." -msgstr "" +msgstr "L'attribut LDAP qui correspond au nom du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:733 msgid "ldap_group_gid_number (string)" -msgstr "" +msgstr "ldap_group_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:736 msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" +msgstr "L'attribut LDAP qui correspond à l'identifiant de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:746 msgid "ldap_group_member (string)" -msgstr "" +msgstr "ldap_group_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:749 msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" +msgstr "L'attribut LDAP qui contient les noms des membres de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:753 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" +msgstr "Par défaut : uid de membre (rfc2307) / membre (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:759 msgid "ldap_group_uuid (string)" -msgstr "" +msgstr "ldap_group_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:762 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" +msgstr "L'attribut LDAP qui contient les UUID/GUID d'un groupe objet LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:772 msgid "ldap_group_modify_timestamp (string)" -msgstr "" +msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:785 msgid "ldap_group_nesting_level (integer)" -msgstr "" +msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:788 @@ -3122,21 +3114,24 @@ msgid "" "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" +"Si ldap_schema est définit comme un format qui supporte les groupes liés (e." +"g. RFC2307bis), alors cette option contrôle le nombre de niveaux liés SSSD à " +"suivre. Cette option n'a pas d'effet sur le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:795 msgid "Default: 2" -msgstr "" +msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:801 msgid "ldap_netgroup_object_class (string)" -msgstr "" +msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:804 msgid "The object class of a netgroup entry in LDAP." -msgstr "" +msgstr "La classe d'objet d'une entrée de groupe réseau dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:807 @@ -3146,17 +3141,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:811 msgid "Default: nisNetgroup" -msgstr "" +msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:817 msgid "ldap_netgroup_name (string)" -msgstr "" +msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:820 msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" +msgstr "L'attribut LDAP qui correspond au nom du groupe réseau." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:824 @@ -3166,12 +3161,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:834 msgid "ldap_netgroup_member (string)" -msgstr "" +msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:837 msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" +msgstr "L'attribut LDAP qui contient les noms des membres de groupe réseau." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:841 @@ -3181,18 +3176,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:845 msgid "Default: memberNisNetgroup" -msgstr "" +msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:851 msgid "ldap_netgroup_triple (string)" -msgstr "" +msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:854 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" +"L'attribut LDAP qui contient le triplet (hôte, utilisateur, domaine) d'un " +"groupe réseau." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 @@ -3202,18 +3199,19 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:861 msgid "Default: nisNetgroupTriple" -msgstr "" +msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:867 msgid "ldap_netgroup_uuid (string)" -msgstr "" +msgstr "ldap_netgroup_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:870 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" +"L'attribut LDAP qui contient les UUID/GUID d'un objet LDAP de groupe réseau." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:874 @@ -3223,94 +3221,70 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:884 msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" +msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:900 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_service_object_class (string)" -msgstr "ldap_user_object_class (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:903 -#, fuzzy -#| msgid "The object class of a user entry in LDAP." msgid "The object class of a service entry in LDAP." -msgstr "La classe objet d'une entrée utilisateur dans LDAP." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 -#, fuzzy -#| msgid "Default: filter" msgid "Default: ipService" -msgstr "Défaut : filter" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:912 -#, fuzzy -#| msgid "ldap_dns_service_name (string)" msgid "ldap_service_name (string)" -msgstr "ldap_dns_service_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:915 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:925 -#, fuzzy -#| msgid "ldap_dns_service_name (string)" msgid "ldap_service_port (string)" -msgstr "ldap_dns_service_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:928 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that contains the port managed by this service." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:932 -#, fuzzy -#| msgid "Default: ipv4_first" msgid "Default: ipServicePort" -msgstr "Défaut : ipv4_first" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:938 -#, fuzzy -#| msgid "ldap_dns_service_name (string)" msgid "ldap_service_proto (string)" -msgstr "ldap_dns_service_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:941 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "" "The LDAP attribute that contains the protocols understood by this service." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:945 -#, fuzzy -#| msgid "Default: ipv4_first" msgid "Default: ipServiceProtocol" -msgstr "Défaut : ipv4_first" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:951 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_service_search_base (string)" -msgstr "ldap_user_search_base (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:954 @@ -3331,12 +3305,12 @@ msgstr "" #: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 #: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" +msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:970 msgid "ldap_search_timeout (integer)" -msgstr "" +msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:973 @@ -3345,6 +3319,9 @@ msgid "" "before they are cancelled and cached results are returned (and offline mode " "is entered)" msgstr "" +"Définit le délai d'attente (en secondes) autorisé pour les recherches LDAP " +"avant qu'elles se terminent et de retourner les résultats contenus dans le " +"cache (et le mode hors ligne est activé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:979 @@ -3353,16 +3330,19 @@ msgid "" "will likely be replaced at some point by a series of timeouts for specific " "lookup types." msgstr "" +"Note : cette option est susceptible de changer dans les prochaines version " +"de SSSD. Il sera surement remplacé par une série de délais d'attente pour " +"différentes recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 msgid "Default: 6" -msgstr "" +msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:991 msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" +msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:994 @@ -3371,16 +3351,19 @@ msgid "" "enumerations are allowed to run before they are cancelled and cached results " "are returned (and offline mode is entered)" msgstr "" +"Définit le délai d'attente (en secondes) autorisé pour les recherches LDAP " +"sur les utilisateurs et groupes avant qu'elles se terminent et que les " +"résultats mis en cache soient retournés (et le mode hors ligne est activé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1001 msgid "Default: 60" -msgstr "" +msgstr "Par défaut : 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1007 msgid "ldap_network_timeout (integer)" -msgstr "" +msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1010 @@ -3392,11 +3375,17 @@ msgid "" "<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" "citerefentry> returns in case of no activity." msgstr "" +"Définit le délai d'attente (en secondes) après quoi le <citerefentry> " +"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" +"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" +"manvolnum> </citerefentry> suivi de <citerefentry> <refentrytitle>connect</" +"refentrytitle> <manvolnum>2</manvolnum> </citerefentry> repasse en mode " +"inactif." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1033 msgid "ldap_opt_timeout (integer)" -msgstr "" +msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1036 @@ -3405,11 +3394,14 @@ msgid "" "will abort if no response is received. Also controls the timeout when " "communicating with the KDC in case of SASL bind." msgstr "" +"Définit le délai d'attente (en secondes) après quoi les appels synchrones à " +"l'API LDAP sont annulés si aucune réponse n'est obtenue. Permet aussi de " +"contrôler le délai de communication avec le KDC dans le cas d'un appel SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1048 msgid "ldap_connection_expire_timeout (integer)" -msgstr "" +msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1051 @@ -3423,12 +3415,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1059 msgid "Default: 900 (15 minutes)" -msgstr "" +msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1065 msgid "ldap_page_size (integer)" -msgstr "" +msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1068 @@ -3436,11 +3428,14 @@ msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" +"Définir le nombre d'enregistrements à récupérer à partir d'une simple " +"requête LDAP. Certains serveurs LDAP imposent une limite maximale par " +"requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1073 msgid "Default: 1000" -msgstr "" +msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1079 @@ -3473,7 +3468,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1103 msgid "ldap_deref_threshold (integer)" -msgstr "" +msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1106 @@ -3482,6 +3477,10 @@ msgid "" "cache in order to trigger a dereference lookup. If less members are missing, " "they are looked up individually." msgstr "" +"Définir le nombre de membres du groupe qui devraient être manquant au sein " +"du cache interne dans le but d'activer la vérification de déréférence. Si le " +"nombre de membre manquant est inférieur, ils sont recherchés " +"individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1112 @@ -3497,6 +3496,10 @@ msgid "" "methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " "Directory." msgstr "" +"Une recherche de déréférencement est un moyen pour récupérer tous les " +"membres d'un groupe avec un seul appel LDAP. Plusieurs serveurs LDAP peuvent " +"avoir différentes méthodes de dé-référencement. Les serveurs actuellement " +"acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1124 @@ -3509,7 +3512,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1137 msgid "ldap_tls_reqcert (string)" -msgstr "" +msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1140 @@ -3517,6 +3520,8 @@ msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" +"Définit les vérifications à effectuer sur les certificats serveur sur une " +"session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1146 @@ -3524,6 +3529,8 @@ msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" +"<emphasis>never</emphasis> : le client ne demandera, ni ne vérifiera un " +"quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1150 @@ -3532,6 +3539,9 @@ msgid "" "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, it will be ignored and the session proceeds normally." msgstr "" +"<emphasis>allow</emphasis> : le certificat serveur est demandé. Si aucun " +"certificat n'est fournit, la session continue normalement. Si un mauvais " +"certificat est fournit, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1157 @@ -3540,6 +3550,9 @@ msgid "" "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, the session is immediately terminated." msgstr "" +"<emphasis>try</emphasis> : le certificat serveur est demandé. Si aucun " +"certificat n'est fournit, la session continue normalement. Si un mauvais " +"certificat est fournit, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1163 @@ -3548,21 +3561,24 @@ msgid "" "certificate is provided, or a bad certificate is provided, the session is " "immediately terminated." msgstr "" +"<emphasis>demand</emphasis> : le certificat serveur est demandé. Si aucun " +"certificat ou un mauvais certificat est fournit, la session se termine " +"immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1169 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" +msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1173 msgid "Default: hard" -msgstr "" +msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1179 msgid "ldap_tls_cacert (string)" -msgstr "" +msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1182 @@ -3570,6 +3586,8 @@ msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" +"Définit le fichier qui contient les certificats pour toutes les autorités de " +"certificats que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 @@ -3577,11 +3595,13 @@ msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" +"Par défaut : utilise les paramètres par défaut de LDAP, en général dans " +"<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1194 msgid "ldap_tls_cacertdir (string)" -msgstr "" +msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1197 @@ -3591,37 +3611,42 @@ msgid "" "be the hash of the certificate followed by '.0'. If available, " "<command>cacertdir_rehash</command> can be used to create the correct names." msgstr "" +"Spécifie le chemin d'un dossier qui contient les certificats de l'autorité " +"de certificats dans des fichiers séparés. Usuellement, les noms de fichiers " +"sont la somme de contrôle du certificat suivi de « .0 ». Si disponible, " +"<command>cacertdir_rehash</command> peut être utilisé pour créer les noms " +"corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1212 msgid "ldap_tls_cert (string)" -msgstr "" +msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1215 msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" +msgstr "Définit le fichier qui contient le certificat pour la clef client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 #: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 msgid "Default: not set" -msgstr "" +msgstr "Par défaut : non défini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1225 msgid "ldap_tls_key (string)" -msgstr "" +msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1228 msgid "Specifies the file that contains the client's key." -msgstr "" +msgstr "Définit le fichier qui contient la clef client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1237 msgid "ldap_tls_cipher_suite (string)" -msgstr "" +msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1240 @@ -3630,11 +3655,14 @@ msgid "" "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> for format." msgstr "" +"Définit les fluxs de chiffrement acceptables. Usuellement c'est une liste " +"séparée par des deux-points. Voir <citerefentry><refentrytitle>ldap.conf</" +"refentrytitle> <manvolnum>5</manvolnum></citerefentry> pour le format." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1253 msgid "ldap_id_use_start_tls (boolean)" -msgstr "" +msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1256 @@ -3642,11 +3670,13 @@ msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" +"Définit le fait que le fournisseur d'identité de connexion doit autoriser " +"<systemitem class=\"protocol\">tls</systemitem> pour protéger le canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1266 msgid "ldap_sasl_mech (string)" -msgstr "" +msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1269 @@ -3654,16 +3684,18 @@ msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" +"Définit le mécanisme SASL à utiliser. Actuellement, seul GSSAPI est testé et " +"pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 msgid "Default: none" -msgstr "" +msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1279 msgid "ldap_sasl_authid (string)" -msgstr "" +msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1282 @@ -3671,16 +3703,19 @@ msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." msgstr "" +"Définit l'identité d'autorisation SASL à utiliser. Quand GSSAPI est utilisé, " +"c'est l'identifiant Kerberos principal utilisé pour s'authentifier au " +"dossier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1287 msgid "Default: host/machine.fqdn@REALM" -msgstr "" +msgstr "Par défaut : hôte/machine.fqdn@DOMAINE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1293 msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" +msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1296 @@ -3697,22 +3732,24 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1307 msgid "ldap_krb5_keytab (string)" -msgstr "" +msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1310 msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" +msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1313 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" +"Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." +"keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1319 msgid "ldap_krb5_init_creds (boolean)" -msgstr "" +msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1322 @@ -3721,26 +3758,29 @@ msgid "" "action is performed only if SASL is used and the mechanism selected is " "GSSAPI." msgstr "" +"Définit le fait que le fournisseur d'identité doit initialiser les crédits " +"Kerberos (TGT). Cette action est effectuée seulement si SASL est utilisé et " +"que le mécanisme choisit est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1334 msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" +msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1337 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" +msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1341 msgid "Default: 86400 (24 hours)" -msgstr "" +msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 msgid "krb5_server (string)" -msgstr "" +msgstr "krb5_server (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 @@ -3761,6 +3801,9 @@ msgid "" "for DNS entries that specify _udp as the protocol and falls back to _tcp if " "none are found." msgstr "" +"En utilisant la recherche de services pour KDC ou les serveurs kpasswd, SSSD " +"recherche en premier les entrées DNS qui définissent _udp comme protocole et " +"passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 @@ -3769,6 +3812,10 @@ msgid "" "While the legacy name is recognized for the time being, users are advised to " "migrate their config files to use <quote>krb5_server</quote> instead." msgstr "" +"Cette option était nommée <quote>krb5_kdcip</quote> dans les versions " +"précédentes de SSSD. Bien que ce nom soit toujours reconnu à l'heure " +"actuelle, il est conseillé de migrer les fichiers de configuration vers " +"l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 @@ -3778,17 +3825,18 @@ msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1379 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" +msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1382 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" +"Par défaut : système par défaut, voir <filename>/etc/krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 msgid "krb5_canonicalize (boolean)" -msgstr "" +msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1391 @@ -3808,6 +3856,8 @@ msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" +"Détermine la politique d'expiration des mots de passe côté client. Les " +"valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1411 @@ -3815,22 +3865,16 @@ msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" +"<emphasis>none</emphasis> : aucun évaluation du côté client. Cette option ne " +"peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1416 -#, fuzzy -#| msgid "" -#| "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -#| "<manvolnum>8</manvolnum> </citerefentry> to specify the default " -#| "permissions on a newly created home directory." msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" -"Utilisé par <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> pour spécifier les permissions par " -"défaut sur un répertoire maison nouvellement créé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1422 @@ -3839,6 +3883,9 @@ msgid "" "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +"<emphasis>mit_kerberos</emphasis> : utilisez les attributs utilisés par MIT " +"Kerberos pour déterminer si le mot de passe a expiré. Utilisez " +"chpass_provider=krb5 ces attributs lorsque le mot de passe est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1434 @@ -3848,7 +3895,7 @@ msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1437 msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" +msgstr "Définit si le référencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1441 @@ -3856,6 +3903,8 @@ msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" +"Veuillez noter que sssd ne supporte que le référencement quand il est " +"compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1452 @@ -3866,16 +3915,18 @@ msgstr "ldap_dns_service_name (chaîne)" #: sssd-ldap.5.xml:1455 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" +"Définit le nom de service à utiliser quand la découverte de services est " +"activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1459 msgid "Default: ldap" -msgstr "Défaut : ldap" +msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1465 msgid "ldap_chpass_dns_service_name (string)" -msgstr "" +msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1468 @@ -3883,11 +3934,15 @@ msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" +"Définit le nom de service à utiliser pour trouver un serveur LDAP autorisant " +"un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1473 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" +"Par défaut : non défini, c'est-à-dire que le service de découverte est " +"désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1479 @@ -3903,6 +3958,11 @@ msgid "" "it will result in all users being denied access. Use access_provider = allow " "to change this default behavior." msgstr "" +"Si access_provider = ldap, cette option est obligatoire. Elle spécifie un " +"critère de filtre LDAP requit par l'utilisateur pour avoir un accès sur cet " +"hôte. Si access_provider = ldap et que cette option n'est pas définie, tous " +"les utilisateurs seront refusés. Utilisez access_provider = allow pour " +"changer ce comportement par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 @@ -3917,6 +3977,9 @@ msgid "" "ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" " " msgstr "" +"access_provider = ldap\n" +"ldap_access_filter = membre_de=cn=utilisateurs_autorisés,ou=Groupes,dc=exemple,dc=com\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1499 @@ -3924,6 +3987,8 @@ msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" +"Cet exemple montre un accès à l'hôte restreint aux membres du groupe « " +"utilisateurs_autorisés » dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1504 @@ -3933,11 +3998,14 @@ msgid "" "access during their last login, they will continue to be granted access " "while offline and vice-versa." msgstr "" +"Le cache hors-ligne pour cette option est limité et à déterminer dans le cas " +"où le dernier accès de l'utilisateur était autorisé. Si tel était le cas, " +"l'accès sera conservé en mode hors-ligne et vice-versa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 msgid "Default: Empty" -msgstr "Défaut : vide" +msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1518 @@ -3950,6 +4018,8 @@ msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" +"Avec cette option une évaluation du côté client des contrôles d'accès peut " +"être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1525 @@ -3958,11 +4028,15 @@ msgid "" "i.e. the LDAP server should deny the bind request with a suitable error code " "even if the password is correct." msgstr "" +"Veuillez noter qu'il est toujours recommandé d'utiliser un contrôle d'accès " +"du côté serveur, c'est-à-dire que le serveur LDAP doit refuser une requête " +"de connexion avec un code erreur approprié même si le mot de pass est " +"correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1532 msgid "The following values are allowed:" -msgstr "" +msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1535 @@ -3970,6 +4044,8 @@ msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" +"<emphasis>shadow</emphasis> : utilisez cette valeur de " +"ldap_user_shadow_expire pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1540 @@ -3979,6 +4055,10 @@ msgid "" "set. If the attribute is missing access is granted. Also the expiration time " "of the account is checked." msgstr "" +"<emphasis>ad</emphasis> : utilisez la valeur du champ 32 bits " +"ldap_user_ad_user_account_control et autorisez l'accès si le deuxième bit " +"n'est pas défini. Si l'attribut est manquant, l'accès est autorisé. La " +"période d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1547 @@ -3987,6 +4067,9 @@ msgid "" "emphasis>: use the value of ldap_ns_account_lock to check if access is " "allowed or not." msgstr "" +"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" +"emphasis> : utilisez cette valeur de ldap_ns_account_lock pour vérifier si " +"l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1553 @@ -3996,6 +4079,10 @@ msgid "" "ldap_user_nds_login_expiration_time are used to check if access is allowed. " "If both attributes are missing access is granted." msgstr "" +"<emphasis>nds</emphasis> : les valeurs de " +"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled et " +"ldap_user_nds_login_expiration_time sont utilisées pour vérifier si l'accès " +"est autorisé. Si les deux attributs sont manquants l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1568 @@ -4006,16 +4093,18 @@ msgstr "ldap_access_order (chaîne)" #: sssd-ldap.5.xml:1571 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" +"Liste des options de contrôles d'accès, séparées par des virgules. Valeurs " +"autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1575 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" +msgstr "<emphasis>filter</emphasis> : utilise ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1578 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" +msgstr "<emphasis>expire</emphasis>: utilise ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1582 @@ -4023,16 +4112,19 @@ msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" +"<emphasis>authorized_service</emphasis> : utilise l'attribut d'autorisation " +"de service pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1587 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" +"<emphasis>host</emphasis> : utilise l'attribut d'hôte pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1591 msgid "Default: filter" -msgstr "Défaut : filter" +msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1594 @@ -4040,6 +4132,8 @@ msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" +"Veuillez noter qu'une valeur utilisée plusieurs fois résulte en une erreur " +"de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1601 @@ -4052,11 +4146,13 @@ msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" +"Définit comment le déréférencement de l'alias est effectué lors d'une " +"recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1609 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" +msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1613 @@ -4064,6 +4160,9 @@ msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" +"<emphasis>searching</emphasis> : les alias sont déréférencés suivant les " +"objets subordonnés de l'objet de base, et non pas suivant l'objet de base de " +"la recherche lui-même." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1618 @@ -4071,6 +4170,8 @@ msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" +"<emphasis>finding</emphasis> : les alias sont seulement déréférencés lors de " +"la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1623 @@ -4078,6 +4179,8 @@ msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" +"<emphasis>always</emphasis> : les alias sont déréférencés à la fois en " +"recherche et en localisant l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1628 @@ -4085,6 +4188,8 @@ msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" +"Par défaut : vide (ceci est traité comme <emphasis>never</emphasis> par les " +"bibliothèques client LDAP)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 @@ -4095,261 +4200,193 @@ msgid "" "manvolnum> </citerefentry> manual page for full details. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Toutes les options communes de configuration appliquées aux domaines SSSD " +"s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE " +"DOMAINE</quote> dans le manuel du fichier <citerefentry> <refentrytitle>sssd." +"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " +"détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1639 -#, fuzzy -#| msgid "OPTIONS" msgid "SUDO OPTIONS" -msgstr "OPTIONS" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1644 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_sudorule_object_class (string)" -msgstr "ldap_user_object_class (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1647 -#, fuzzy -#| msgid "The object class of a user entry in LDAP." msgid "The object class of a sudo rule entry in LDAP." -msgstr "La classe objet d'une entrée utilisateur dans LDAP." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1650 -#, fuzzy -#| msgid "Default: uid" msgid "Default: sudoRole" -msgstr "Par défaut : uid" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1656 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_name (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1659 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1669 -#, fuzzy -#| msgid "ldap_schema (string)" msgid "ldap_sudorule_command (string)" -msgstr "ldap_schema (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1672 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "The LDAP attribute that corresponds to the command name." -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1676 -#, fuzzy -#| msgid "Default: uid" msgid "Default: sudoCommand" -msgstr "Par défaut : uid" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1682 -#, fuzzy -#| msgid "ldap_user_gecos (string)" msgid "ldap_sudorule_host (string)" -msgstr "ldap_user_gecos (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1685 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" -"L'attribut LDAP correspondant à l'utilisateur ayant l'id du groupe primaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 -#, fuzzy -#| msgid "Default: root" msgid "Default: sudoHost" -msgstr "Défaut : root" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1696 -#, fuzzy -#| msgid "ldap_user_uid_number (string)" msgid "ldap_sudorule_user (string)" -msgstr "ldap_user_uid_number (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1699 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1703 -#, fuzzy -#| msgid "Default: uid" msgid "Default: sudoUser" -msgstr "Par défaut : uid" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1709 -#, fuzzy -#| msgid "ldap_uri (string)" msgid "ldap_sudorule_option (string)" -msgstr "ldap_uri (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1712 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 -#, fuzzy -#| msgid "Default: uid" msgid "Default: sudoOption" -msgstr "Par défaut : uid" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1722 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_runasuser (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1725 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" -"L'attribut LDAP correspondant à l'utilisateur ayant l'id du groupe primaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1729 -#, fuzzy -#| msgid "Default: uidNumber" msgid "Default: sudoRunAsUser" -msgstr "par défaut : uidNumber" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1735 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_runasgroup (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1738 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" -"L'attribut LDAP correspondant à l'utilisateur ayant l'id du groupe primaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1742 -#, fuzzy -#| msgid "Default: uidNumber" msgid "Default: sudoRunAsGroup" -msgstr "par défaut : uidNumber" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1748 -#, fuzzy -#| msgid "ldap_user_uid_number (string)" msgid "ldap_sudorule_notbefore (string)" -msgstr "ldap_user_uid_number (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1751 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" -"L'attribut LDAP correspondant à l'utilisateur ayant l'id du groupe primaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1755 -#, fuzzy -#| msgid "Default: uidNumber" msgid "Default: sudoNotBefore" -msgstr "par défaut : uidNumber" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1761 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_notafter (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1764 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" -"L'attribut LDAP correspondant à l'utilisateur ayant l'id du groupe primaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1769 -#, fuzzy -#| msgid "Default: filter" msgid "Default: sudoNotAfter" -msgstr "Défaut : filter" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1775 -#, fuzzy -#| msgid "ldap_access_order (string)" msgid "ldap_sudorule_order (string)" -msgstr "ldap_access_order (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1778 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1782 -#, fuzzy -#| msgid "Default: password" msgid "Default: sudoOrder" -msgstr "Par défaut : password" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1788 -#, fuzzy -#| msgid "ldap_referrals (boolean)" msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "ldap_referrals (booléen)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1791 @@ -4360,10 +4397,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1801 -#, fuzzy -#| msgid "dns_resolver_timeout (integer)" msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "dns_resolver_timeout (entier)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1804 @@ -4373,36 +4408,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1642 -#, fuzzy -#| msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1815 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" -"Le répertoire squelette contenant les fichiers et répertoires à copier dans " -"le répertoire maison utilisateur une fois ce répertoire créé par " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1825 -#, fuzzy -#| msgid "OPTIONS" msgid "AUTOFS OPTIONS" -msgstr "OPTIONS" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1827 @@ -4413,59 +4434,43 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1834 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_autofs_map_object_class (string)" -msgstr "ldap_user_object_class (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -#, fuzzy -#| msgid "The object class of a user entry in LDAP." msgid "The object class of an automount map entry in LDAP." -msgstr "La classe objet d'une entrée utilisateur dans LDAP." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -#, fuzzy -#| msgid "Default: root" msgid "Default: automountMap" -msgstr "Défaut : root" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1847 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_autofs_map_name (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1850 -#, fuzzy -#| msgid "The object class of a user entry in LDAP." msgid "The name of an automount map entry in LDAP." -msgstr "La classe objet d'une entrée utilisateur dans LDAP." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 -#, fuzzy -#| msgid "Default: uid" msgid "Default: ou" -msgstr "Par défaut : uid" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1860 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_autofs_entry_object_class (string)" -msgstr "ldap_user_object_class (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1874 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_autofs_entry_key (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 @@ -4476,10 +4481,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1888 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_autofs_entry_value (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1895 @@ -4510,6 +4513,8 @@ msgstr "ldap_netgroup_search_base (chaînes)" msgid "" "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" +"Une base DN optionnelle pour restreindre les recherches du groupe réseau à " +"un sous-domaine spécifique." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1930 @@ -4520,6 +4525,8 @@ msgstr "ldap_user_search_base (chaînes)" #: sssd-ldap.5.xml:1933 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" +"Une base DN optionnelle pour restreindre les recherches utilisateur à un " +"sous-domaine spécifique." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1949 @@ -4530,6 +4537,8 @@ msgstr "ldap_group_search_base (chaînes)" #: sssd-ldap.5.xml:1952 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +"Une base DN optionnelle pour restreindre les recherches de groupe à un sous-" +"domaine spécifique." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1968 @@ -4542,6 +4551,8 @@ msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" +"Cette option définit un filtre de recherche LDAP supplémentaire qui " +"restreint les recherches utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1975 @@ -4557,6 +4568,8 @@ msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" " " msgstr "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1988 @@ -4564,6 +4577,8 @@ msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" +"Ce filtre devrait restreindre les recherches utilisateurs aux utilisateurs " +"qui ont leur interpréteur de commande définit sur /bin/tcsh." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1995 @@ -4576,6 +4591,8 @@ msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" +"Cette option définit un filtre de recherche LDAP supplémentaire qui " +"restreint les recherches de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2002 @@ -4586,10 +4603,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2012 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_sudo_search_base (string)" -msgstr "ldap_search_base (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2015 @@ -4599,10 +4614,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2034 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_autofs_search_base (string)" -msgstr "ldap_user_search_base (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2037 @@ -4617,6 +4630,10 @@ msgid "" "caution. Please include them in your configuration only if you know what you " "are doing. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"Ces options sont prises en charge pour les domaines LDAP, mais ils doivent " +"être utilisés avec précaution. Veuillez les inclure dans votre configuration " +"seulement si vous savez ce que vous faites. <placeholder type=\"variablelist" +"\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2066 @@ -4625,6 +4642,8 @@ msgid "" "set to one of the domains in the <replaceable>[domains]</replaceable> " "section." msgstr "" +"L'exemple suivant suppose que SSSD est correctement configuré et LDAP pointe " +"sur un des domaines de la section <replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ldap.5.xml:2072 @@ -4639,12 +4658,20 @@ msgid "" " cache_credentials = true\n" " enumerate = true\n" msgstr "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mon_domaine.org\n" +" ldap_search_base = dc=mon_domaine,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 #: sssd-krb5.5.xml:441 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 @@ -4659,6 +4686,10 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " "distribution." msgstr "" +"Les descriptions de quelques options de configuration des pages de manuel " +"sont basées sur le manuel de <citerefentry> <refentrytitle>ldap.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> dans le paquet de " +"OpenLDAP 2.4." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2098 @@ -4668,6 +4699,10 @@ msgid "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <refentryinfo> #: pam_sss.8.xml:8 include/upstream.xml:2 @@ -4675,6 +4710,8 @@ msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - http://" "fedorahosted.org/sssd</orgname>" msgstr "" +"<productname>SSSD</productname> <orgname>Le projet SSSD - http://" +"fedorahosted.org/sssd</orgname>" #. type: Content of: <reference><refentry><refnamediv><refname> #: pam_sss.8.xml:13 pam_sss.8.xml:18 @@ -4684,7 +4721,7 @@ msgstr "pam_sss" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: pam_sss.8.xml:19 msgid "PAM module for SSSD" -msgstr "" +msgstr "Module PAM pour SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:24 @@ -4704,6 +4741,9 @@ msgid "" "Services daemon (SSSD). Errors and results are logged through <command>syslog" "(3)</command> with the LOG_AUTHPRIV facility." msgstr "" +"<command>pam_sss.so</command> est l'interface PAM pour le démon des services " +"de sécurité système (SSSD). Les erreurs et résultats sont journalisés par " +"<command>syslog(3)</command> avec l'argument LOG_AUTHPRIV." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:55 @@ -4726,6 +4766,8 @@ msgid "" "If <option>forward_pass</option> is set the entered password is put on the " "stack for other PAM modules to use." msgstr "" +"Si <option>forward_pass</option> est définit, le mot de passe entré est " +"inséré en mémoire pour les autres modules PAM utilisés." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:73 @@ -4739,6 +4781,10 @@ msgid "" "modules password and will never prompt the user - if no password is " "available or the password is not appropriate, the user will be denied access." msgstr "" +"L'argument use_first_pass force le module à utliser un module de mot de " +"passe déjà en mémoire et ne fera pas la demande à l'utilisateur. Si aucun " +"mot de passe n'est disponible ou que celui-ci n'est pas approprié, " +"l'utilisateur est refusé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:84 @@ -4751,6 +4797,9 @@ msgid "" "When password changing enforce the module to set the new password to the one " "provided by a previously stacked password module." msgstr "" +"Lorsque le changement de mot de passe force le module à changer de mot de " +"passe vers celui fournit par un module de mot de passe déjà chargé en " +"mémoire." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:94 @@ -4763,6 +4812,8 @@ msgid "" "If specified the user is asked another N times for a password if " "authentication fails. Default is 0." msgstr "" +"Si définit, on demande le mot de passe à l'utilisateur encore N fois si " +"l'authentification échoue. Par défaut : 0." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:99 @@ -4771,11 +4822,15 @@ msgid "" "calling PAM handles the user dialog on its own. A typical example is " "<command>sshd</command> with <option>PasswordAuthentication</option>." msgstr "" +"Veuillez noter que cette option peut ne pas fonctionner comme prévu si " +"l'application qui appelle PAM gère de lui-même les boîtes de dialogue " +"utilisateur. Un exemple typique est <command>sshd</command> avec " +"<option>PasswordAuthentication</option>." #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:110 msgid "MODULE TYPES PROVIDED" -msgstr "" +msgstr "TYPES DE MODULE FOURNIT" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:111 @@ -4783,6 +4838,8 @@ msgid "" "All module types (<option>account</option>, <option>auth</option>, " "<option>password</option> and <option>session</option>) are provided." msgstr "" +"Tous les types de module (<option>account</option>, <option>auth</option>, " +"<option>password</option> et <option>session</option>) sont fournis." #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:117 @@ -4796,6 +4853,10 @@ msgid "" "does not support password resets, an individual message can be displayed. " "This message can e.g. contain instructions about how to reset a password." msgstr "" +"Si une remise à zéro de mot de passe par root échoue car le fournisseur SSSD " +"correspondant ne prend pas en charge la remise à zéro de mot de passe, un " +"message spécifique peut être affiché. Ce message peut, par exemple, contenir " +"les instructions pour faire cette remise à zéro." #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:123 @@ -4816,6 +4877,9 @@ msgid "" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " "displayed." msgstr "" +"Ces fichiers sont cherchés dans le dossier <filename>/etc/sssd/customize/" +"NOM_DE_DOMAINE/</filename>. Si aucun fichier correspondant n'est présent, un " +"message spécifique est affiché." #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:141 @@ -4823,6 +4887,8 @@ msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 @@ -4863,6 +4929,10 @@ msgid "" "<command>sssd_krb5_locator_plugin</command> is not available on your system " "you have to edit /etc/krb5.conf to reflect your Kerberos setup." msgstr "" +"Toutes les versions de Kerberos ne supportent pas forcément l'utilisation de " +"modules. Si <command>sssd_krb5_locator_plugin</command> n'est pas présent " +"dans votre système, vous devez éditer /etc/krb5.conf pour modifier la " +"configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:69 @@ -4870,6 +4940,9 @@ msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" +"Si la variable d'environnement, SSSD_KRB5_LOCATOR_DEBUG, a une valeur " +"quelconque, des messages de débogage (ou d'analyse) seront envoyés sur la " +"sortie standard d'erreur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:77 @@ -4893,6 +4966,8 @@ msgstr "sssd-simple" #: sssd-simple.5.xml:17 msgid "the configuration file for SSSD's 'simple' access-control provider" msgstr "" +"le fichier de configuration pour le « simple » fournisseur de contrôle " +"d'accès SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:24 @@ -4904,6 +4979,12 @@ msgid "" "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> manual page." msgstr "" +"Cette page de manuel décrit la configuration du simple fournisseur de " +"contrôle d'accès pour <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. Pour plus de détails sur la " +"syntaxe, veuillez voir la section <quote>FORMAT DE FICHIER</quote> de la " +"page de manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:38 @@ -4911,11 +4992,14 @@ msgid "" "The simple access provider grants or denies access based on an access or " "deny list of user or group names. The following rules apply:" msgstr "" +"Le simple fournisseur d'accès autorise l'accès à partir d'une liste. Celle-" +"ci peut définir l'accès ou bien le refus de noms d'utilisateur ou de groupe, " +"ou encore des noms de groupes. Les règles suivantes s'appliquent :" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:43 msgid "If all lists are empty, access is granted" -msgstr "" +msgstr "Si toutes les listes sont vides, l'accès est autorisé" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:47 @@ -4923,6 +5007,9 @@ msgid "" "If any list is provided, the order of evaluation is allow,deny. This means " "that any matching deny rule will supersede any matched allow rule." msgstr "" +"Si une liste est fournie, quel quelle soit, l'ordre d'évaluation est " +"autorisé, puis refusé, autrement dit une règle de refus écrasera une règle " +"d'autorisation." #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:54 @@ -4930,6 +5017,8 @@ msgid "" "If either or both \"allow\" lists are provided, all users are denied unless " "they appear in the list." msgstr "" +"Si la ou les listes fournies sont seulement « autorisée », tous les " +"utilisateurs sont refusés à moins qu'ils ne soient dans la liste." #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:60 @@ -4937,6 +5026,8 @@ msgid "" "If only \"deny\" lists are provided, all users are granted access unless " "they appear in the list." msgstr "" +"Si seulement les listes « refus » sont disponibles, tous les utlisateurs " +"sont autorisés à moins qu'ils ne soient dans la liste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:78 @@ -4947,6 +5038,7 @@ msgstr "simple_allow_users (chaîne)" #: sssd-simple.5.xml:81 msgid "Comma separated list of users who are allowed to log in." msgstr "" +"Liste, séparée par des virgules, d'utilisateurs autorisés à se connecter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:88 @@ -4957,6 +5049,7 @@ msgstr "simple_deny_users (chaîne)" #: sssd-simple.5.xml:91 msgid "Comma separated list of users who are explicitly denied access." msgstr "" +"Liste, séparée par des virgules, d'utilisateurs qui ont un accès refusé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:97 @@ -4969,6 +5062,9 @@ msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" +"Liste, séparée par des virgules, de groupes autorisés à se connecter. Ceci " +"ne s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaus ne " +"sont pas évalués." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:108 @@ -4982,6 +5078,9 @@ msgid "" "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" +"Liste, séparée par des virgules, de groupes qui sont refusés. Ceci ne " +"s'applique qu'à des groupes dans un certain domaine SSSD. Les groupes locaux " +"ne sont pas évalués." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 @@ -4991,6 +5090,10 @@ msgid "" "citerefentry> manual page for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"Veuillez vous référer à la section <quote>SECTIONS DE DOMAINE</quote> du " +"manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> pour les détails sur la " +"configuration du domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 @@ -4998,6 +5101,8 @@ msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" +"Veuillez noter que c'est une erreur de configuration si simple_allow_users " +"et simple_deny_users, sont définis." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:128 @@ -5006,6 +5111,10 @@ msgid "" "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the simple access provider-specific options." msgstr "" +"L'exemple suivant suppose que SSSD est correctement configuré et exemple.com " +"est un des domaines dans la section <replaceable>[sssd]</replaceable>. Ces " +"exemples montrent seulement les options du simple fournisseur d'accès " +"spécifique." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-simple.5.xml:135 @@ -5015,6 +5124,9 @@ msgid "" " access_provider = simple\n" " simple_allow_users = user1, user2\n" msgstr "" +" [domain/exemple.com]\n" +" access_provider = simple\n" +" simple_allow_users = utilisateur1, utilisateur2\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:145 @@ -5023,6 +5135,9 @@ msgid "" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 @@ -5038,6 +5153,12 @@ msgid "" "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"Cette page de manuel décrit la configuration du fournisseur IPA pour " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Pour une référence détaillée sur la syntaxe, veuillez " +"regarder la section <quote>FORMAT DE FICHIER</quote> de la page de manuel " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:36 @@ -5047,6 +5168,11 @@ msgid "" "requires that the machine be joined to the IPA domain; configuration is " "almost entirely self-discovered and obtained directly from the server." msgstr "" +"Le fournisseur IPA est un antéserveur pour se connecter au serveur IPA (voir " +"le site freeipa.org pour plus d'informations sur les serveurs IPA). Ce " +"fournisseur nécessite que la machine soit joignable pour le domaine IPA ; la " +"configuration est presque entièrement obtenue et auto-découverte à partir du " +"serveur." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:43 @@ -5079,6 +5205,8 @@ msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" +"Définit le nom du domaine IPA. C'est une option. Si non fournit, le nom de " +"domaine de configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:83 @@ -5106,6 +5234,9 @@ msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" +"Optionnel. Peut être définit pour des machines où le nom d'hôte ne reflète " +"pas le nom de domaine entièrement qualifié dans le domaine IPA pour " +"identifier l'hôte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:110 @@ -5118,6 +5249,8 @@ msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" +"Optionnel. Cette option indique à SSSD de faire une mise à jour automatique " +"du serveur DNS construit dans FreeIPA v2 avec l'adresse IP du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:118 @@ -5137,11 +5270,14 @@ msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" +"Optionnel. Applicable seulement quand ipa_dyndns_update est vrai. Choisir " +"l'interface dont l'adresse IP soit être utilisé pour les mises à jour des " +"DNS dynamiques." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:137 msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" +msgstr "Par défaut : utilise l'adresse IP de la connexion IPA LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:143 @@ -5156,14 +5292,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:150 msgid "Default: Use base DN" -msgstr "" +msgstr "Par défaut : utilise la base DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:156 -#, fuzzy -#| msgid "ipa_hbac_search_base (string)" msgid "ipa_host_search_base (string)" -msgstr "ipa_hbac_search_base (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:159 @@ -5180,10 +5314,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:180 -#, fuzzy -#| msgid "ipa_hbac_search_base (string)" msgid "ipa_selinux_search_base (string)" -msgstr "ipa_hbac_search_base (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:183 @@ -5200,7 +5332,7 @@ msgstr "krb5_validate (booléen)" msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." -msgstr "" +msgstr "Vérifie avec l'aide de krb5_keytab que le TGT obtenu n'est pas usurpé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:209 @@ -5208,6 +5340,8 @@ msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" +"Notez que cette valeur par défaut diffère du moteur de traitement Kerberos " +"original." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:219 @@ -5215,6 +5349,8 @@ msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" +"Le nom du domaine Kerberos. C'est optionnel et les valeurs par défaut sont " +"<quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:223 @@ -5222,6 +5358,8 @@ msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" +"Le nom du domaine Kerberos a une signification spéciale dans IPA. Il est " +"convertit en la base DN pour effectuer des opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:234 @@ -5243,11 +5381,14 @@ msgid "" "This will reduce the latency and load on the IPA server if there are many " "access-control requests made in a short period." msgstr "" +"Le temps entre les règles de recherches HBAC pour un serveur IPA. Cela " +"réduit le temps de latence et la charge du serveur IPA si il y a beaucoup de " +"requêtes de contrôle d'accès pendant une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:257 msgid "Default: 5 (seconds)" -msgstr "Défaut : 5 (secondes)" +msgstr "Par défaut : 5 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:262 @@ -5262,6 +5403,11 @@ msgid "" "of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " "client will support two modes of operation during this transition period:" msgstr "" +"Cette option explique comment utiliser les règles HBAC de type REFUS " +"dépréciées. À partir de FreeIPA v2.1, les règles de REFUS ne sont plus " +"prises en charge pour le serveur. Tous les utilisateurs de FreeIPA doivent " +"changer leurs règles pour utiliser seulement les règles d'AUTORISATION. Le " +"client supportera deux modes opératoires pendant cette transition :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:274 @@ -5269,6 +5415,8 @@ msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" +"<emphasis>DENY_ALL</emphasis> : si une règle de REFUS HBAC est détectée, " +"tous les utilisateurs ne pourront pas se connecter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:279 @@ -5276,16 +5424,18 @@ msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" +"<emphasis>IGNORE</emphasis> : SSSD ignorera toutes les règles de REFUS. " +"Faites attention avec cette option, elle peut fournir des accès non-prévus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:284 msgid "Default: DENY_ALL" -msgstr "Défaut : DENY_ALL" +msgstr "Par défaut : DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:289 msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" +msgstr "ipa_hbac_support_srchost (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:292 @@ -5303,10 +5453,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:307 -#, fuzzy -#| msgid "ipa_domain (string)" msgid "ipa_automount_location (string)" -msgstr "ipa_domain (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:310 @@ -5321,7 +5469,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:319 msgid "ipa_netgroup_member_of (string)" -msgstr "" +msgstr "ipa_netgroup_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:322 @@ -5331,7 +5479,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:331 msgid "ipa_netgroup_member_user (string)" -msgstr "" +msgstr "ipa_netgroup_member_user (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:334 @@ -5426,63 +5574,46 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:404 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ipa_selinux_usermap_object_class (string)" -msgstr "ldap_user_object_class (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:415 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ipa_selinux_usermap_name (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:418 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:427 -#, fuzzy -#| msgid "ipa_server (string)" msgid "ipa_selinux_usermap_member_user (string)" -msgstr "ipa_server (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:430 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -"L'attribut LDAP correspondant à l'utilisateur ayant l'id du groupe primaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:439 -#, fuzzy -#| msgid "ipa_server (string)" msgid "ipa_selinux_usermap_member_host (string)" -msgstr "ipa_server (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:442 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:451 -#, fuzzy -#| msgid "simple_deny_users (string)" msgid "ipa_selinux_usermap_see_also (string)" -msgstr "simple_deny_users (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:454 @@ -5493,138 +5624,100 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:459 -#, fuzzy -#| msgid "Default: gecos" msgid "Default: seeAlso" -msgstr "Par défaut : gecos" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:464 -#, fuzzy -#| msgid "simple_deny_users (string)" msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "simple_deny_users (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:467 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:471 -#, fuzzy -#| msgid "Default: password" msgid "Default: ipaSELinuxUser" -msgstr "Par défaut : password" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:476 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ipa_selinux_usermap_enabled (string)" -msgstr "ldap_user_name (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:479 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:483 -#, fuzzy -#| msgid "Default: ldap" msgid "Default: ipaEnabledFlag" -msgstr "Défaut : ldap" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:488 -#, fuzzy -#| msgid "ldap_user_search_filter (string)" msgid "ipa_selinux_usermap_user_category (string)" -msgstr "ldap_user_search_filter (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:491 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's gecos field." msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "L'attribut LDAP correspondant au champ gecos de l'utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:495 -#, fuzzy -#| msgid "Default: filter" msgid "Default: userCategory" -msgstr "Défaut : filter" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:500 -#, fuzzy -#| msgid "ipa_hostname (string)" msgid "ipa_selinux_usermap_host_category (string)" -msgstr "ipa_hostname (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:503 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:507 -#, fuzzy -#| msgid "Default: filter" msgid "Default: hostCategory" -msgstr "Défaut : filter" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:512 -#, fuzzy -#| msgid "ipa_server (string)" msgid "ipa_selinux_usermap_uuid (string)" -msgstr "ipa_server (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:515 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "L'attribut LDAP correspondant à l'id utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:519 -#, fuzzy -#| msgid "Default: true" msgid "Default: ipaUniqueID" -msgstr "Défaut : true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:524 -#, fuzzy -#| msgid "ipa_hostname (string)" msgid "ipa_host_ssh_public_key (string)" -msgstr "ipa_hostname (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:527 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's login name." msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:531 -#, fuzzy -#| msgid "Default: uidNumber" msgid "Default: ipaSshPubKey" -msgstr "par défaut : uidNumber" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:546 @@ -5633,6 +5726,9 @@ msgid "" "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the ipa provider-specific options." msgstr "" +"L'exemple suivant suppose que SSSD est correctement configuré et exemple.com " +"est un des domaines de la section <replaceable>[sssd]</replaceable>. Ces " +"exemples montrent seulement les options spécifiques au fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:553 @@ -5643,6 +5739,10 @@ msgid "" " ipa_server = ipaserver.example.com\n" " ipa_hostname = myhost.example.com\n" msgstr "" +" [domain/exemple.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.exemple.com\n" +" ipa_hostname = mon_hôte.exemple.com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:564 @@ -5654,6 +5754,12 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sssd</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.8.xml:10 sssd.8.xml:15 @@ -5671,6 +5777,8 @@ msgid "" "<command>sssd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" msgstr "" +"<command>sssd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:31 @@ -5683,6 +5791,14 @@ msgid "" "FreeIPA. It provides a more robust database to store local users as well as " "extended user data." msgstr "" +"<command>SSSD</command> fournit un jeu de démons pour gérer l'accès à des " +"dossiers distants et des mécanismes d'authentification. Il fournit une " +"interface NSS et PAM au travers du système et un moteur système intégré pour " +"se connecter à de multiples comptes de source différente tout comme " +"l'interface D-Bus. C'est aussi un moyen de fournir un audit client et une " +"politique de services pour les projets tels que FreeIPA. Il fournit une base " +"de donnée plus robuste pour stocker les utilisateurs locaux ainsi que les " +"données des utilisateurs étendus." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:46 @@ -5727,7 +5843,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:79 msgid "Default: 0" -msgstr "Défaut : 0" +msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:85 @@ -5741,6 +5857,10 @@ msgid "" "are stored in <filename>/var/log/sssd</filename> and there are separate log " "files for every SSSD service and domain." msgstr "" +"Envoie la sortie de débogage vers des fichiers plutôt que vers la sortie " +"standard d'erreurs. Par défaut, les fichiers de sortie sont stockés dans " +"<filename>/var/log/sssd</filename> et des fichiers différents sont créés " +"pour chaque service et domaine SSSD." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:97 @@ -5750,7 +5870,7 @@ msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:101 msgid "Become a daemon after starting up." -msgstr "" +msgstr "Se transforme en démon au prochain redémarrage." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:107 @@ -5760,21 +5880,26 @@ msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:111 msgid "Run in the foreground, don't become a daemon." -msgstr "" +msgstr "Tourne un avant-plan et ne devient pas un démon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " "consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"Définit un fichier de configuration pas par défaut. Par défaut c'est " +"<filename>/etc/sssd/sssd.conf</filename>. Pour avoir des informations sur la " +"syntaxe et les options du fichier de configuration, veuillez consulter les " +"pages du manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:135 @@ -5802,6 +5927,8 @@ msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" +"Indique à SSSD de fermer normalement tous ses processus fils et après " +"d'éteindre le moniteur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:159 @@ -5815,6 +5942,9 @@ msgid "" "close and reopen them. This is meant to facilitate log rolling with programs " "like logrotate." msgstr "" +"Précise à SSSD de ne plus écrire vers son fichier de débogage actuel, de le " +"fermer et de le rouvrir. Cela permet de faciliter les roulements de fichiers " +"de sortie avec des programmes tels que logrotate." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:170 @@ -5827,6 +5957,8 @@ msgid "" "Tells the SSSD to simulate offline operation for one minute. This is mostly " "useful for testing purposes." msgstr "" +"Précise à SSSD de simuler une opération hors-ligne pendant une minute. C'est " +"surtout utile pour faire des tests." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:179 @@ -5839,6 +5971,8 @@ msgid "" "Tells the SSSD to go online immediately. This is mostly useful for testing " "purposes." msgstr "" +"Précise à SSSD de passer en mode hors-ligne immédiatement. C'est surtout " +"utile pour faire des tests." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:193 @@ -5855,6 +5989,17 @@ msgid "" "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 @@ -5873,6 +6018,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" "replaceable></arg>" msgstr "" +"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>[MOT_DE_PASSE]</" +"replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:32 @@ -5881,6 +6029,9 @@ msgid "" "unreadable format and places it into appropriate domain section of the SSSD " "config file." msgstr "" +"<command>sss_obfuscate</command> convertit un mot de passe donné en un " +"format lisible et le place dans la section du domaine afférent au fichier de " +"configuration SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:37 @@ -5893,6 +6044,13 @@ msgid "" "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more details on these parameters." msgstr "" +"Le mot de passe en clair est lu dans l'entrée standard ou entrée " +"interactivement. Les mots de passes chiffrés sont mis dans " +"<quote>ldap_default_authtok</quote> pour un domaine SSSD donné et le " +"paramètre <quote>ldap_default_authtok_type</quote> est définit à " +"<quote>obfuscated_password</quote>. Se référer à <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> pour plus de détails sur ces paramètres." #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:49 @@ -5903,23 +6061,31 @@ msgid "" "such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " "advised." msgstr "" +"Veuillez noter que les mots de passe chiffrés ne fournissent <emphasis>aucun " +"réel bénéfice de sécurité</emphasis> étant donné qu'il est possible de " +"retrouver le mot de passe par ingénierie-inverse. utiliser un meilleur " +"mécanisme d'authentification tel que les certificats côté client ou GSSAPI " +"est <emphasis>très</emphasis> conseillé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:63 msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" +msgstr "<option>-s</option>,<option>--stdin</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:67 msgid "The password to obfuscate will be read from standard input." -msgstr "" +msgstr "Le mot de passe chiffré sera lu sur l'entrée standard." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" msgstr "" +"<option>-d</option>,<option>--domain</option> <replaceable>DOMAINE</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:79 @@ -5927,22 +6093,26 @@ msgid "" "The SSSD domain to use the password in. The default name is <quote>default</" "quote>." msgstr "" +"Le domaine SSSD auquel est lié le mot de passe. Le nom par défaut est " +"<quote>default</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:86 msgid "" "<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" msgstr "" +"<option>-f</option>,<option>--file</option> <replaceable>FICHIER</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:91 msgid "Read the config file specified by the positional parameter." -msgstr "" +msgstr "Lit le fichier de configuration spécifié par le paramètre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:95 msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" +msgstr "Par défaut : <filename>/etc/sssd/sssd.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:105 @@ -5950,6 +6120,8 @@ msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_useradd.8.xml:10 sss_useradd.8.xml:15 @@ -5968,6 +6140,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" +"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NOM_D_UTILISATEUR</" +"replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_useradd.8.xml:32 @@ -5975,12 +6150,16 @@ msgid "" "<command>sss_useradd</command> creates a new user account using the values " "specified on the command line plus the default values from the system." msgstr "" +"<command>sss_useradd</command> crée un nouveau compte utilisateur en " +"utilisant les valeurs spécifiées en ligne de commande auquelles sont " +"ajoutées les valeurs par défaut du système." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:43 msgid "" "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" msgstr "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:48 @@ -5988,6 +6167,8 @@ msgid "" "Set the UID of the user to the value of <replaceable>UID</replaceable>. If " "not given, it is chosen automatically." msgstr "" +"Définit l'UID de l'utilisateur à la valeur <replaceable>UID</replaceable>. " +"Si non précisé, il est choisit automatiquement." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:55 sss_usermod.8.xml:43 @@ -5995,6 +6176,8 @@ msgid "" "<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" "replaceable>" msgstr "" +"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENTAIRE</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:60 sss_usermod.8.xml:48 @@ -6002,6 +6185,8 @@ msgid "" "Any text string describing the user. Often used as the field for the user's " "full name." msgstr "" +"Toute chaîne de caractère décrivant l'utilisateur. Souvent utilisé comme " +"champ pour le nom entier de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:67 sss_usermod.8.xml:55 @@ -6009,6 +6194,8 @@ msgid "" "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" "replaceable>" msgstr "" +"<option>-h</option>,<option>--home</option> " +"<replaceable>RÉPERTOIRE_PERSONNEL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:72 @@ -6019,12 +6206,19 @@ msgid "" "<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" "baseDirectory</quote> setting in sssd.conf." msgstr "" +"Le répertoire personnel du compte utilisateur. Par défaut, on ajoute " +"<replaceable>NOM_D_UTILISATEUR</replaceable> à <filename>/home</filename> et " +"on utilise cela comme dossier personnel. La base précédent " +"<replaceable>NOM_D_UTILISATEUR</replaceable> est modifiable avec le " +"paramètre <quote>user_defaults/baseDirectory</quote> dans sssd.conf." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:82 sss_usermod.8.xml:66 msgid "" "<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" msgstr "" +"<option>-s</option>,<option>--shell</option> " +"<replaceable>INTERPRÉTEUR_DE_COMMANDE</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:87 @@ -6033,6 +6227,9 @@ msgid "" "filename>. The default can be changed with <quote>user_defaults/" "defaultShell</quote> setting in sssd.conf." msgstr "" +"L'interpréteur de commande de l'utilisateur. Par défaut c'est actuellement " +"<filename>/bin/bash</filename>. Cette valeur par défaut peut être modifiée " +"avec le paramètre <quote>user_defaults/defaultShell</quote> dans sssd.conf." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:96 @@ -6040,16 +6237,18 @@ msgid "" "<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" "replaceable>" msgstr "" +"<option>-G</option>,<option>--groups</option> <replaceable>GROUPES</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:101 msgid "A list of existing groups this user is also a member of." -msgstr "" +msgstr "Une liste de groupes existants dont l'utilisateur est aussi un membre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:107 msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" +msgstr "<option>-m</option>,<option>--create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:111 @@ -6058,17 +6257,23 @@ msgid "" "directories contained in the skeleton directory (which can be defined with " "the -k option or in the config file) will be copied to the home directory." msgstr "" +"Crée le répertoire personne de l'utilisateur s'il n'existe pas. Les fichiers " +"et répertoires inclus dans le répertoire squelette (pouvant être définit " +"avec l'option -k ou dans le fichier de configuration) sont copiés dans le " +"dossier personnel." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:121 msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" +msgstr "<option>-M</option>,<option>--no-create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:125 msgid "" "Do not create the user's home directory. Overrides configuration settings." msgstr "" +"Ne pas créer de dossier personnel pour l'utilisateur. Écrase les paramètres " +"de configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:132 @@ -6076,6 +6281,8 @@ msgid "" "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" "replaceable>" msgstr "" +"<option>-k</option>,<option>--skel</option> " +"<replaceable>RÉPERTOIRE_SQUELETTE</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:137 @@ -6084,6 +6291,9 @@ msgid "" "the user's home directory, when the home directory is created by " "<command>sss_useradd</command>." msgstr "" +"Le répertoire squelette, contenant les fichiers et répertoires à copier dans " +"le répertoire personnel de l'utilisateur, quand le répertoire personnel est " +"créé par <command>sss_useradd</command>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:143 @@ -6092,6 +6302,9 @@ msgid "" "home</option>) option is specified, or creation of home directories is set " "to TRUE in the configuration." msgstr "" +"L'option n'est valide que si l'option <option>-m</option> (ou <option>--" +"create-home</option>) est utilisée ou si la création de répertoires " +"personnels est sur VRAI dans la configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:152 sss_usermod.8.xml:124 @@ -6099,6 +6312,8 @@ msgid "" "<option>-Z</option>,<option>--selinux-user</option> " "<replaceable>SELINUX_USER</replaceable>" msgstr "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>UTILISATEUR_SELINUX</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:157 @@ -6106,6 +6321,8 @@ msgid "" "The SELinux user for the user's login. If not specified, the system default " "will be used." msgstr "" +"L'utilisateur SELinux pour la connexion utilisateur. Si non spécifié, la " +"valeur par défaut du système est utilisée." #. type: Content of: <reference><refentry><refsect1><para> #: sss_useradd.8.xml:169 @@ -6120,6 +6337,15 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 @@ -6136,6 +6362,12 @@ msgid "" "the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page" msgstr "" +"Cette page de manuel décrit la configuration du moteur d'authentification de " +"Kerberos 5 pour <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. Pour une référence détaillée sur " +"la syntaex, veuillez vous référer à la section <quote>FORMAT DE FICHIER</" +"quote> du manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:36 @@ -6149,6 +6381,15 @@ msgid "" "page for the applicable identity provider for details on how to configure " "this." msgstr "" +"Le moteur d'authentification Kerberos 5 contient les fournisseurs " +"d'autentification et de changement de mot de passe. Il doit être couplé avec " +"un fournisseur d'identité de manière à fonctionner proprement (par exemple, " +"id_provider = ldap). Quelques informations requises par le moteur " +"d'authentification Kerberos 5 doit être fournit par le fournisseur " +"d'identité, telles que le nom principal de l'utilisateur Kerberos (UPN). La " +"configuration du fournisseur d'identité doit avoir une entrée pour spécifier " +"l'UPN. Veuillez vous référer aux pages du manuel du fournisseur d'identité " +"ad-hoc pour pouvoir le configurer." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 @@ -6160,6 +6401,12 @@ msgid "" "To activate this feature use 'access_provider = krb5' in your sssd " "configuration." msgstr "" +"Ce moteur fournit aussi un contrôle d'accès sur le fichier .k5login dans le " +"répertoire personnel de l'utilisateur. Voir <citerefentry> <refentrytitle>." +"k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> pour plus de " +"détails. Veuillez noter qu'un fichier .k5login vide interdira tout accès " +"pour cet utilisateur. Pour activer cette option, utilisez « access_provider " +"= krb5 » dans votre configuration de sssd." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:55 @@ -6168,6 +6415,9 @@ msgid "" "<command>sssd</command> will construct a UPN using the format " "<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." msgstr "" +"Dans le cas où l'UPN n'est pas valide dans le moteur d'identité " +"<command>sssd</command> construira un UPN en utilisant le format " +"<replaceable>utilisateur</replaceable>@<replaceable>krb5_realm</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:106 @@ -6175,6 +6425,8 @@ msgid "" "The name of the Kerberos realm. This option is required and must be " "specified." msgstr "" +"Le nom du domaine Kerberos. Cette option est nécessaire et doit être " +"renseignée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:113 @@ -6197,11 +6449,15 @@ msgid "" "kpasswd servers to try the back end is not switch to offline if " "authentication against the KDC is still possible." msgstr "" +"Pour plus d'information sur le basculement et la redondance serveur, voir la " +"section <quote>BASCULEMENT</quote>. Veuillez noter que même si il n'y a plus " +"de serveurs kpasswd à essayer, le moteur n'est pas passé en mode hors-ligne " +"si l'authentification KDC est toujours possible." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:129 msgid "Default: Use the KDC" -msgstr "Défaut : utiliser le KDC" +msgstr "Par défaut : utiliser le KDC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:135 @@ -6219,11 +6475,19 @@ msgid "" "<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" "citerefentry> for details) is created." msgstr "" +"Répertoire pour stocker les caches crédits. Toutes les séquences de " +"substitution de krb5_ccname_template peut être utilisée ici, aussi, hormis " +"%d et %P. Si le dossier n'existe pas il sera créé. Si %u, %U, %p ou %h sont " +"utilisés un répertoire privé appartenant à l'utilisateur est créé. Sinon un " +"répertoire public avec un drapeau de restriction à la suppression (aussi " +"appelé « sticky bit », voir <citerefentry> <refentrytitle>chmod</" +"refentrytitle> <manvolnum>1</manvolnum> </citerefentry> pour plus de " +"détails) est créé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:151 msgid "Default: /tmp" -msgstr "Défaut : /tmp" +msgstr "Par défaut : /tmp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:157 @@ -6233,7 +6497,7 @@ msgstr "krb5_ccname_template (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:171 msgid "login UID" -msgstr "" +msgstr "identifiant UID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:174 @@ -6253,7 +6517,7 @@ msgstr "%r" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:180 msgid "realm name" -msgstr "" +msgstr "nom de domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:183 @@ -6263,12 +6527,12 @@ msgstr "%h" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:184 msgid "home directory" -msgstr "" +msgstr "répertoire personnel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:189 msgid "value of krb5ccache_dir" -msgstr "" +msgstr "valeur de krb5ccache_dir" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:194 @@ -6278,7 +6542,7 @@ msgstr "%P" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:195 msgid "the process ID of the sssd client" -msgstr "" +msgstr "l'ID de processus du client sssd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:160 @@ -6289,11 +6553,16 @@ msgid "" "ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " "way." msgstr "" +"Emplacement du cache de crédits utilisateur. Actuellement, seuls les " +"fichiers cache de crédits sont acceptés. Dans le modèle, les séquences " +"suivantes sont substituées : <placeholder type=\"variablelist\" id=\"0\"/> " +"si le modèle se termine par « XXXXXX », mkstemp(3) est utlisé pour créer un " +"nom de fichier unique de manière sécurisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:209 msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" +msgstr "Par défaut : FICHIER:%d/krb5cc_%U_XXXXXX" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:215 @@ -6306,6 +6575,9 @@ msgid "" "Timeout in seconds after an online authentication or change password request " "is aborted. If possible the authentication request is continued offline." msgstr "" +"Délai d'attente, en secondes, après une requête d'authentification en ligne " +"ou de changement de mot de passe annulé. Si possible la requête " +"d'authentification sera effectuée hors-ligne." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:241 @@ -6318,11 +6590,13 @@ msgid "" "The location of the keytab to use when validating credentials obtained from " "KDCs." msgstr "" +"L'emplacement du fichier keytab à utiliser pour valider les crédits obtenus " +"à partir de KDC." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:248 msgid "Default: /etc/krb5.keytab" -msgstr "Défaut : /etc/krb5.keytab" +msgstr "Par défaut : /etc/krb5.keytab" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:254 @@ -6335,6 +6609,8 @@ msgid "" "Store the password of the user if the provider is offline and use it to " "request a TGT when the provider gets online again." msgstr "" +"Stocke le mot de passe de l'utilisateur si le fournisseur est hors-ligne et " +"l'utilise pour obtenir un TGT quand le fournisseur revient en ligne." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:262 @@ -6355,31 +6631,34 @@ msgid "" "Request a renewable ticket with a total lifetime given by an integer " "immediately followed by one of the following delimiters:" msgstr "" +"Demande un ticket renouvelable avec un temps de vie total donné par un " +"entier immédiatement suivi par un des séparateurs suivants :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 msgid "<emphasis>s</emphasis> seconds" -msgstr "" +msgstr "<emphasis>s</emphasis> secondes" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 msgid "<emphasis>m</emphasis> minutes" -msgstr "" +msgstr "<emphasis>m</emphasis> minutes" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 msgid "<emphasis>h</emphasis> hours" -msgstr "" +msgstr "<emphasis>h</emphasis> heures" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 msgid "<emphasis>d</emphasis> days." -msgstr "" +msgstr "<emphasis>d</emphasis> jours." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." msgstr "" +"Si aucun séparateur n'est spécifié, <emphasis>s</emphasis> est considéré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:299 @@ -6388,11 +6667,15 @@ msgid "" "renewable lifetime to one and a half hours please use '90m' instead of " "'1h30m'." msgstr "" +"Veuillez noter qu'il n'est pas possible de mélanger les unités. Si vous " +"voulez une durée de vie renouvelable de une heure et trente minutes, " +"utilisez « 90m » à la place de « 1h30m »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:305 msgid "Default: not set, i.e. the TGT is not renewable" msgstr "" +"Par défaut : non défini, c'est-à-dire que le TGT n'est pas renouvelable" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:311 @@ -6405,6 +6688,8 @@ msgid "" "Request ticket with a with a lifetime given by an integer immediately " "followed by one of the following delimiters:" msgstr "" +"Demande un ticket avec un temps de vie donné par un entier immédiatement " +"suivi par un des séparateurs suivant :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:335 @@ -6412,12 +6697,17 @@ msgid "" "Please note that it is not possible to mix units. If you want to set the " "lifetime to one and a half hours please use '90m' instead of '1h30m'." msgstr "" +"Veuillez noter qu'on ne peut pas mélanger les unités. Si vous voulez définir " +"un temps de vie de une heure et demi, veuillez utilisere « 90m » au lieu de " +"« 1h30 »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:340 msgid "" "Default: not set, i.e. the default ticket lifetime configured on the KDC." msgstr "" +"Par défaut : non définit, c'est-à-dire le temps de vie par défaut configuré " +"dans le KDC." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:347 @@ -6430,11 +6720,16 @@ msgid "" "The time in seconds between two checks if the TGT should be renewed. TGTs " "are renewed if about half of their lifetime is exceeded." msgstr "" +"Le temps, en secondes, entre deux vérifications pour savoir si le TGT doit " +"être renouvellé. Les TGT sont renouvellés si environ la moitié de leur temps " +"de vie est dépassé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:355 msgid "If this option is not set or 0 the automatic renewal is disabled." msgstr "" +"Si cette option n'est pas définie ou mise à zéro le renouvellement " +"automatique est désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:365 @@ -6472,12 +6767,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:385 msgid "Default: not set, i.e. FAST is not used." -msgstr "Défaut : non défini, i.e. FAST n'est pas utilisé." +msgstr "Par défaut : non défini, i.e. FAST n'est pas utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:388 msgid "Please note that a keytab is required to use fast." msgstr "" +"Veuillez prendre note que le fichier keytab est nécessaire pour utiliser " +"FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:391 @@ -6495,7 +6792,7 @@ msgstr "krb5_fast_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:403 msgid "Specifies the server principal to use for FAST." -msgstr "" +msgstr "Spécifie le serveur principal pour utiliser FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:412 @@ -6532,6 +6829,10 @@ msgid "" " krb5_server = 192.168.1.1\n" " krb5_realm = EXAMPLE.COM\n" msgstr "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXEMPLE.COM\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:453 @@ -6563,6 +6864,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:32 @@ -6723,6 +7027,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:32 @@ -6836,19 +7143,19 @@ msgid "" "<replaceable>LOGIN</replaceable> to reflect the changes that are specified " "on the command line." msgstr "" -"<command>sss_usermod</command> modifie le compte défini par " +"<command>sss_usermod</command> modifie le compte définit par " "<replaceable>LOGIN</replaceable> pour refléter les modifications fournies en " "ligne de commande." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:60 msgid "The home directory of the user account." -msgstr "" +msgstr "Le répertoire personnel du compte utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:71 msgid "The user's login shell." -msgstr "" +msgstr "L'interpréteur de commandes de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:82 @@ -6913,6 +7220,321 @@ msgstr "" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" @@ -6986,7 +7608,7 @@ msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>" #. type: Content of: <refsect1><title> #: include/failover.xml:2 msgid "FAILOVER" -msgstr "FAILOVER" +msgstr "BASCULEMENT" #. type: Content of: <refsect1><para> #: include/failover.xml:4 @@ -6998,7 +7620,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:8 msgid "Failover Syntax" -msgstr "Syntaxe de Failover" +msgstr "Syntaxe de basculement" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:10 @@ -7011,7 +7633,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:17 msgid "The Failover Mechanism" -msgstr "Mécanisme de failover" +msgstr "Mécanisme de basculement" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:19 @@ -7052,5 +7674,112 @@ msgstr "<option>-h</option>,<option>--help</option>" msgid "Display help message and exit." msgstr "Affiche l'aide et quitte." -#~ msgid "Supported services: nss, pam" -#~ msgstr "Services supportés : nss, pam" +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/hu.po b/src/man/po/hu.po deleted file mode 100644 index c0edc5bfb..000000000 --- a/src/man/po/hu.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Hungarian <trans-hu@lists.fedoraproject.org>\n" -"Language: hu\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/id.po b/src/man/po/id.po deleted file mode 100644 index cc6d5aec3..000000000 --- a/src/man/po/id.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Indonesian <trans-id@lists.fedoraproject.org>\n" -"Language: id\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/it.po b/src/man/po/it.po deleted file mode 100644 index 03a22f0b0..000000000 --- a/src/man/po/it.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Italian <trans-it@lists.fedoraproject.org>\n" -"Language: it\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 63997473f..ffa0e593f 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -3,13 +3,16 @@ # This file is distributed under the same license as the sssd-docs package. # # Translators: +# Tadashi Jokagi <elf2000@gmail.com>, 2012. +# Tomoyuki KATO <tomo@dream.daynight.jp>, 2012. +# <www.carrotsoft@gmail.com>, 2012. msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-09 23:57+0000\n" +"Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n" "Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n" "Language: ja\n" "MIME-Version: 1.0\n" @@ -22,27 +25,30 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" -msgstr "" +msgstr "SSSD マニュアル ページ" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 msgid "sss_groupmod" -msgstr "" +msgstr "sss_groupmod" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" -msgstr "" +msgstr "8" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupmod.8.xml:16 msgid "modify a group" -msgstr "" +msgstr "グループを変更します。" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupmod.8.xml:21 @@ -51,6 +57,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><title> #: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 @@ -58,8 +67,10 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" -msgstr "" +msgstr "概要" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:32 @@ -67,13 +78,17 @@ msgid "" "<command>sss_groupmod</command> modifies the group to reflect the changes " "that are specified on the command line." msgstr "" +"<command>sss_groupmod</command> はコマンドラインにおいて指定された変更を反映" +"するようグループを変更します。" #. type: Content of: <reference><refentry><refsect1><title> #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" -msgstr "" +msgstr "オプション" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 @@ -81,6 +96,8 @@ msgid "" "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" "replaceable>" msgstr "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:48 @@ -89,6 +106,9 @@ msgid "" "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " "a comma separated list of group names." msgstr "" +"このグループを <replaceable>GROUPS</replaceable> パラメーターにより指定された" +"グループに追加します。 <replaceable>GROUPS</replaceable> パラメーターはグルー" +"プ名のカンマ区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 @@ -96,6 +116,8 @@ msgid "" "<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" "replaceable>" msgstr "" +"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:62 @@ -103,16 +125,19 @@ msgid "" "Remove this group from groups specified by the <replaceable>GROUPS</" "replaceable> parameter." msgstr "" +"このグループを <replaceable>GROUPS</replaceable> パラメーターにより指定された" +"グループから削除します。" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" -msgstr "" +msgstr "関連項目" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:74 @@ -127,34 +152,43 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.conf.5.xml:10 sssd.conf.5.xml:16 msgid "sssd.conf" -msgstr "" +msgstr "sssd.conf" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 msgid "5" -msgstr "" +msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 #: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 msgid "File Formats and Conventions" -msgstr "" +msgstr "ファイル形式および変換" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 #: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 msgid "the configuration file for SSSD" -msgstr "" +msgstr "SSSD の設定ファイル" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:21 msgid "FILE FORMAT" -msgstr "" +msgstr "ファイルフォーマット" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:29 @@ -165,6 +199,10 @@ msgid "" " <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" " " msgstr "" +" <replaceable>[section]</replaceable>\n" +" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:24 @@ -174,6 +212,10 @@ msgid "" "until the next section begins. An example of section with single and multi-" "valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +"ファイルは ini 形式の構文を持ち、セクションとパラメーターから構成されます。セ" +"クションは角括弧にあるセクション名から始まり、次のセクションが始まるまで続き" +"ます。 1 つセクションと複数の値を持つパラメーターの例: <placeholder type=" +"\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:36 @@ -181,6 +223,8 @@ msgid "" "The data types used are string (no quotes needed), integer and bool (with " "values of <quote>TRUE/FALSE</quote>)." msgstr "" +"使用されるデータ形式は、文字列(引用符は不要)、整数および論理値" +"(<quote>TRUE/FALSE</quote> の値)です。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 @@ -188,6 +232,8 @@ msgid "" "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>)" msgstr "" +"行コメントは、ハッシュ記号 (<quote>#</quote>) またはセミコロン (<quote>;</" +"quote>) から始まります。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:46 @@ -195,6 +241,8 @@ msgid "" "All sections can have an optional <replaceable>description</replaceable> " "parameter. Its function is only as a label for the section." msgstr "" +"すべてのセクションはオプションの <replaceable>description</replaceable> パラ" +"メーターを持てます。その機能はセクションのラベルとしてのみです。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:52 @@ -202,26 +250,28 @@ msgid "" "<filename>sssd.conf</filename> must be a regular file, owned by root and " "only root may read from or write to the file." msgstr "" +"<filename>sssd.conf</filename> は、root により所有され、root のみが読み書きで" +"きる、通常のファイルである必要があります。" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:58 msgid "SPECIAL SECTIONS" -msgstr "" +msgstr "特別セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:61 msgid "The [sssd] section" -msgstr "" +msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" -msgstr "" +msgstr "セクションのパラメーター" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:72 msgid "config_file_version (integer)" -msgstr "" +msgstr "config_file_version (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:75 @@ -229,28 +279,32 @@ msgid "" "Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " "version 2." msgstr "" +"設定ファイルの構文が何であるカを指示します。SSSD 0.6.0 およびそれ以降はバー" +"ジョン 2 を使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:81 msgid "services" -msgstr "" +msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:84 msgid "" "Comma separated list of services that are started when sssd itself starts." -msgstr "" +msgstr "sssd 自身が開始するときに開始されるサービスのカンマ区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:88 msgid "" "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" msgstr "" +"サポートされるサービス: nss, pam <phrase condition=\"with_sudo\">, sudo</" +"phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:94 sssd.conf.5.xml:257 msgid "reconnection_retries (integer)" -msgstr "" +msgstr "reconnection_retries (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:97 sssd.conf.5.xml:260 @@ -258,16 +312,18 @@ msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" +"データプロバイダーがクラッシュまたは再起動した場合、サービスが再接続をあきら" +"める前に試行する回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:102 sssd.conf.5.xml:265 msgid "Default: 3" -msgstr "" +msgstr "初期値: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:107 msgid "domains" -msgstr "" +msgstr "domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:110 @@ -277,11 +333,14 @@ msgid "" "start. This parameter described the list of domains in the order you want " "them to be queried." msgstr "" +"ドメインはユーザー情報を含むデータベースです。SSSD は同時に複数のドメインを使" +"用できますが、少なくとも一つを設定する必要があります。さもなければ SSSD は開" +"始できません。このパラメーターは検索したいドメインの一覧を表されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:120 msgid "re_expression (string)" -msgstr "" +msgstr "re_expression (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:123 @@ -289,6 +348,8 @@ msgid "" "Regular expression that describes how to parse the string containing user " "name and domain into these components." msgstr "" +"これらの構成要素の中にあるユーザー名とドメインを含む文字列を構文解析する方法" +"を表す正規表現です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:127 @@ -297,6 +358,9 @@ msgid "" "which translates to \"the name is everything up to the <quote>@</quote> " "sign, the domain everything after that\"" msgstr "" +"初期値: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> で" +"す。\"the name is everything up to the <quote>@</quote> sign, the domain " +"everything after that\" に解釈されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:132 @@ -312,11 +376,13 @@ msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" +"関連注記: 古いバージョンの libpcre はサブパターンをラベル付けするために " +"Python 構文 (?P<name>) のみをサポートします。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:146 msgid "full_name_format (string)" -msgstr "" +msgstr "full_name_format (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:149 @@ -325,16 +391,19 @@ msgid "" "manvolnum> </citerefentry>-compatible format that describes how to translate " "a (name, domain) tuple into a fully qualified name." msgstr "" +"(名前、ドメイン)の組を完全修飾名に変換する方法を表す <citerefentry> " +"<refentrytitle>printf</refentrytitle> <manvolnum>3</manvolnum> </" +"citerefentry> 互換の形式です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:157 msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" +msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:162 msgid "try_inotify (boolean)" -msgstr "" +msgstr "try_inotify (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:165 @@ -344,6 +413,10 @@ msgid "" "this, and will fall back to polling resolv.conf every five seconds if " "inotify cannot be used." msgstr "" +"SSSD は、内部 DNS リゾルバーを更新する必要となるときを認識するために、resolv." +"conf の状態を監視します。初期状態では、このために inotify を使用しようとしま" +"す。inotify が使用できない場合 5 秒ごとに resolv.conf をポーリングするよう" +"フォールバックします。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:173 @@ -352,6 +425,9 @@ msgid "" "even trying to use inotify. In these rare cases, this option should be set " "to 'false'" msgstr "" +"inotify を使用することをスキップすることが望ましい、いくつかの制限された状況" +"があります。これらの珍しい場合では、このオプションが 'false' に設定されるべき" +"です" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:179 @@ -359,6 +435,8 @@ msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" +"初期値: inotify がサポートされるプラットフォームにおいては真です。他のプラッ" +"トフォームにおいては偽です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:183 @@ -366,11 +444,13 @@ msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" +"注: このオプションは inotify が利用不可能なプラットフォームにおいて効果があり" +"ません。これらのプラットフォームにおいては、ポーリングが常に使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:190 msgid "krb5_rcache_dir (string)" -msgstr "" +msgstr "krb5_rcache_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:193 @@ -378,6 +458,8 @@ msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" +"SSSD が Kerberos リプレイキャッシュファイルを保存するファイルシステムのディレ" +"クトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:197 @@ -385,6 +467,8 @@ msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" +"このオプションは、libkrb5 がリプレイキャッシュに対する適切な場所を決められる" +"よう SSSD に指示する、特別な値 __LIBKRB5_DEFAULTS__ を受け付けます。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:203 @@ -392,6 +476,8 @@ msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" +"初期値: ディストリビューション固有かつ構築時に指定されます。 (設定されていな" +"ければ __LIBKRB5_DEFAULTS__ です)" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:63 @@ -403,11 +489,16 @@ msgid "" "some other important options like the identity domains. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"SSSD の機能の各部分は SSSD と一緒に開始および停止される特別な SSSD サービスに" +"より提供されます。特別なサービスにより管理されるサービスはよく<quote>モニター" +"</quote>と呼ばれます。<quote>[sssd]</quote> セクションは、モニターだけでな" +"く、識別ドメインのような他の重要なオプションを設定するために使用されます。 " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:216 msgid "SERVICES SECTIONS" -msgstr "" +msgstr "サービスセクション" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:218 @@ -417,118 +508,151 @@ msgid "" "section, for example, for NSS service, the section would be <quote>[nss]</" "quote>" msgstr "" +"異なるサービスを設定するために使用される設定がこのセクションに記述されます。" +"それらは [<replaceable>$NAME</replaceable>] セクションに置かれます。たとえ" +"ば、NSS サービスは <quote>[nss]</quote> セクションです" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:225 msgid "General service configuration options" -msgstr "" +msgstr "サービス設定の全体オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:227 msgid "These options can be used to configure any service." -msgstr "" +msgstr "これらのオプションはすべてのサービスを設定するために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:231 msgid "debug_level (integer)" -msgstr "" +msgstr "debug_level (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:235 msgid "debug_timestamps (bool)" -msgstr "" +msgstr "debug_timestamps (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:238 msgid "Add a timestamp to the debug messages" -msgstr "" +msgstr "デバッグメッセージに日時を追加します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" -msgstr "" +msgstr "初期値: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:246 msgid "debug_microseconds (bool)" -msgstr "" +msgstr "debug_microseconds (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:249 msgid "Add microseconds to the timestamp in debug messages" -msgstr "" +msgstr "デバッグメッセージの日時にマイクロ秒を追加します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 msgid "Default: false" -msgstr "" +msgstr "初期値: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 -msgid "command (string)" +msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:273 msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 +msgid "command (string)" +msgstr "command (文字列)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:290 +msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " "name for the service. In the vast majority of configurations, the default " "values should suffice." msgstr "" +"初期状態で、このサービスを代表する実行可能なものは <command>sssd_" +"${service_name}</command> と呼ばれます。このディレクティブにより、サービスの" +"実行可能なものの名前を変更できます。設定の大半は、初期値で十分です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" +msgstr "初期値: <command>sssd_${service_name}</command>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" -msgstr "" +msgstr "NSS 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" +"これらのオプションは Name Service Switch (NSS) サービスを設定するために使用で" +"きます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" -msgstr "" +msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" +"nss_sss が列挙をキャッシュする秒数です(すべてのユーザーに関する情報に対する" +"要求)。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" -msgstr "" +msgstr "初期値: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" -msgstr "" +msgstr "entry_cache_nowait_percentage (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " "for the domain." msgstr "" +"エントリーキャッシュは、ドメインに対して entry_cache_timeout の値を超えて要求" +"された場合に、バックグラウンドでエントリーを自動的に更新するよう設定できま" +"す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -536,519 +660,593 @@ msgid "" "but the SSSD will go and update the cache on its own, so that future " "requests will not need to block waiting for a cache update." msgstr "" +"たとえば、ドメインの entry_cache_timeout が 30s に設定され、" +"entry_cache_nowait_percentage が 50 (%) に設定されていると、エントリーが 15 " +"秒経過後にきて、最新の更新キャッシュが直ちに返されます。しかし、SSSD が自身に" +"キャッシュされ、更新されます。そのため、その先の要求はキャッシュ更新を待つこ" +"とをブロックする必要がありません。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " "percentage will never reduce the nowait timeout to less than 10 seconds. (0 " "disables this feature)" msgstr "" +"このオプションに対して有効な値は 0-99 です。各ドメインに対する " +"entry_cache_timeout のパーセンテージを表します。性能上の理由から、このパーセ" +"ンテージは 10 秒よりも小さく nowait タイムアウトを減らすべきではありません。" +"(0 はこの機能を無効にします)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" -msgstr "" +msgstr "初期値: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" -msgstr "" +msgstr "entry_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " "before asking the back end again." msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にネガティブキャッシュヒット(つま" +"り、存在しないドメインのように、無効なデータベースエントリーに対する問い合わ" +"せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" -msgstr "" +msgstr "初期値: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" -msgstr "" +msgstr "filter_users, filter_groups (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" "domain or include fully-qualified names to filter only users from the " "particular domain." msgstr "" +"sss NSS データベースから取り出されたものから特定のユーザーを除外します。これ" +"はとくにシステムアカウントに対して有効です。このオプションはドメインごとに設" +"定できます。または特定のドメインからユーザーのみをフィルターするために完全修" +"飾名を含めることができます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" -msgstr "" +msgstr "初期値: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" -msgstr "" +msgstr "filter_users_in_groups (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" +"フィルターされたユーザーがまだグループメンバーのままにしたいならば、このオプ" +"ションを偽に設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" -msgstr "" +msgstr "override_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" -msgstr "" +msgstr "%u" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" -msgstr "" +msgstr "ログイン名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" -msgstr "" +msgstr "%U" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" -msgstr "" +msgstr "UID 番号" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" -msgstr "" +msgstr "%d" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" -msgstr "" +msgstr "ドメイン名" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" -msgstr "" +msgstr "%f" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" -msgstr "" +msgstr "完全修飾ユーザー名 (user@domain)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" -msgstr "" +msgstr "%%" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" -msgstr "" +msgstr "文字 '%'" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"ユーザーのホームディレクトリーを上書きします。絶対パスまたはテンプレートを提" +"供できます。テンプレートでは、以下のシーケンスが置換されます: <placeholder " +"type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." -msgstr "" +msgstr "このオプションはドメインごとに設定できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" -msgstr "" +msgstr "allowed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" +"ユーザーのシェルを一覧にある値のどれかに制限します。評価の順番は次のとおりで" +"す:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" +"1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" +"2. シェルが allowed_shells 一覧にあるが、<quote>/etc/shells</quote> になけれ" +"ば、shell_fallback パラメーターの値を使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" +"3. シェルが allowed_shells 一覧になく、<quote>/etc/shells</quote> にもなけれ" +"ば、nologin シェルが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." -msgstr "" +msgstr "シェルの空文字列は libc にそのまま渡されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" +"<quote>/etc/shells</quote> は SSSD が開始されるときにのみ読み込まれます。これ" +"は新しいシェルがインストールされた場合 SSSD の再起動が必要になることを意味し" +"ます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." -msgstr "" +msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" -msgstr "" +msgstr "vetoed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" +msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" -msgstr "" +msgstr "shell_fallback (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" +"許可されたシェルがマシンにインストールされていない場合に使用する標準シェルで" +"す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" -msgstr "" +msgstr "初期値: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" -msgstr "" +msgstr "PAM 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" +"これらのオプションは Pluggable Authentication Module (PAM) サービスを設定する" +"ために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" -msgstr "" +msgstr "offline_credentials_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" +"認証プロバイダーがオフラインの場合に、キャッシュログインを許可する時間(オン" +"ラインログインの最終成功からの日数)です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" -msgstr "" +msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" -msgstr "" +msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" +"認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" -msgstr "" +msgstr "offline_failed_login_delay (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" +"新しいログイン試行が可能になる前に offline_failed_login_attempts に達した後に" +"渡される分単位の時間です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " "authentication can enable offline authentication again." msgstr "" +"0 に設定されていると、offline_failed_login_attempts に達した場合、ユーザーが" +"オフライン認証できません。オンライン認証に成功すると、再びオフライン認証を有" +"効にできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" -msgstr "" +msgstr "初期値: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" -msgstr "" +msgstr "pam_verbosity (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" +"認証中にユーザーに表示されるメッセージの種類を制御します。数字が大きければ大" +"きいほどメッセージが表示されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" -msgstr "" +msgstr "現在 sssd は以下の値をサポートします:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" +msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" +msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" +msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" +msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" -msgstr "" +msgstr "初期値: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" -msgstr "" +msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " "ensure that authentication takes place with the latest information." msgstr "" +"SSSD がオンラインの間はすべての PAM 要求に対して、ユーザーが最新の情報で認証" +"されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" "client-application basis) how long (in seconds) we can cache the identity " "information to avoid excessive round-trips to the identity provider." msgstr "" +"完全な PAM のやりとりは、アカウント管理やセッション開始のように、複数の PAM " +"要求を実行できます。このオプションは、識別プロバイダーに対する過剰なラウンド" +"トリップを避けるために識別情報をキャッシュできる時間(秒数)を(クライアント" +"アプリケーションごとに)制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" -msgstr "" +msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." -msgstr "" +msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " "cannot display a warning." msgstr "" +"バックエンドのサーバーがパスワードの有効期間に関する情報を提供する必要がある" +"ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" -msgstr "" +msgstr "初期値: 7" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" -msgstr "" +msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." -msgstr "" +msgstr "これらのオプションは sudo サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" -msgstr "" +msgstr "sudo_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " "ruleset." msgstr "" +"SSSD がオンラインの間はすべての sudo 要求に対して、sudo が確実に最新のルール" +"セットを持つよう、SSSD はキャッシュされたルールを更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " "the sudo service maintains an in-memory cache that would be used for " "performing fast replies." msgstr "" +"しかしながら、ユーザーが複数の sudo コマンドを正常に実行できます。これは複数" +"の LDAP 要求を発行します。この使用法を高速化するために、sudo サービスは素早い" +"応答を返すために使用されるインメモリーキャッシュを保持します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" +"このオプションは sudo サービスがユーザーのルールをキャッシュできる時間(秒単" +"位)を制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 +#: sssd.conf.5.xml:645 msgid "Default: 180" -msgstr "" +msgstr "初期値: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" -msgstr "" +msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" +"時間依存の sudoers エントリーを実装する sudoNotBefore と sudoNotAfter の属性" +"を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" -msgstr "" +msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." -msgstr "" +msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" -msgstr "" +msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 +#: sssd.conf.5.xml:679 msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" +"autofs レスポンダーのネガティブキャッシュ(つまり、存在しないもののように、無" +"効なマップエントリーに対する問い合わせ)が再びバックエンドに問い合わせる前に" +"ヒットする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" -msgstr "" +msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" -msgstr "" +msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" +"ドメインに対する UID と GID の制限です。ドメインがこれらの制限の外にあるエン" +"トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" "primary group memberships, those that are in range will be reported as " "expected." msgstr "" +"ユーザーに対して、これはプライマリー GID 制限に影響します。 UID またはプライ" +"マリー GID が範囲外ならば、ユーザーは NSS に返されません。非プライマリーメン" +"バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" +msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" -msgstr "" +msgstr "timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" +"このドメインに対するハートビート間隔(秒単位)。バックエンドのプロセスが有効" +"であり、要求に答えられる能力があることを確実にするために使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" -msgstr "" +msgstr "初期値: 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" -msgstr "" +msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" +"ドメインが列挙できるかを決定します。このパラメーターは以下の値のどれかである" +"必要があります:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" -msgstr "" +msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" -msgstr "" +msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" -msgstr "" +msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1056,668 +1254,791 @@ msgid "" "information will go directly to LDAP, though it may be slow, due to the " "heavy enumeration processing." msgstr "" +"注: 列挙を有効にすることにより、列挙の実行中に SSSD にわずかな性能の影響があ" +"ります。列挙を完全に完了するには SSSD が開始後に数分間時間がかかります。この" +"間は、それぞれの情報の要求は直接 LDAP に行きますが、重い列挙処理のため、それ" +"は遅いかもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" +"最初の列挙が実行中の間、完全なユーザーまたはグループの一覧に対する要求は、そ" +"れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " "enumeration lookups are completed successfully. For more information, refer " "to the man pages for the specific id_provider in use." msgstr "" +"さらに、列挙を有効にすることにより、挙の検索が確実に正しく完了するよりも長く" +"する必要があるので、ネットワーク切断を検知するために必要な時間が増える可能性" +"があります。詳細は使用している具体的な id_provider のマニュアルページを参照し" +"てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" -msgstr "" +msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にエントリーを有効であると考える秒" +"数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" -msgstr "" +msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" -msgstr "" +msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にユーザーエントリーを有効であると" +"考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" -msgstr "" +msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" -msgstr "" +msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にグループエントリーを有効であると" +"考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" +msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にネットワークグループエントリーを" +"有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" -msgstr "" +msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" +"nss_sss が再びバックエンドに問い合わせる前にサービスエントリーを有効であると" +"考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" -msgstr "" +msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" +"ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか" +"を決めます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" +"ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" -msgstr "" +msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " "value of this parameter must be greater than or equal to " "offline_credentials_expiration." msgstr "" +"正常にログイン後、キャッシュのクリーンアップ中にエントリーが削除される前の日" +"数です。 0 は永久に保持することを意味します。このパラメーターの値は " +"offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" -msgstr "" +msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" -msgstr "" +msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" +"このドメインに対して使用するデータプロバイダーの識別情報のバックエンドです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" -msgstr "" +msgstr "サポートするバックエンド:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" -msgstr "" +msgstr "proxy: レガシーな NSS プロバイダーのサポート" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" -msgstr "" +msgstr "local: SSSD 内部ローカルプロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" -msgstr "" +msgstr "ldap: LDAP プロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" -msgstr "" +msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " "<command>getent passwd test</command> wouldn't find the user while " "<command>getent passwd test@LOCAL</command> would." msgstr "" +"TRUE に設定されていると、このドメインへのすべての要求は完全修飾名を使用する必" +"要があります。たとえば、 \"test\" ユーザーを含む LOCAL ドメインにおいて使用さ" +"れていると、<command>getent passwd test</command> はユーザーを見つけられませ" +"んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" -msgstr "" +msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" +"ドメインに対して使用される認証プロバイダーです。サポートされる認証プロバイ" +"ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> は本来の LDAP 認証向けです。LDAP の設定に関する詳細は " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" +"<quote>krb5</quote> は Kerberos 認証向けです。Kerberos の設定に関する詳細は " +"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" +"<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" +msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" +"初期値: <quote>id_provider</quote> が設定され、認証要求を取り扱うことができる" +"ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" -msgstr "" +msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " "Internal special providers are:" msgstr "" +"ドメインに対して使用されるアクセス制御プロバイダーです。 2 つの組み込みアクセ" +"スプロバイダーがあります(インストールされたバックエンドに含まれるすべてを加" +"えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." -msgstr "" +msgstr "<quote>permit</quote> は常にアクセスを許可します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." -msgstr "" +msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for more information on configuring the simple " "access module." msgstr "" +"<quote>simple</quote> アクセス制御はアクセスまたは拒否の一覧に基づきます。" +"simple アクセスモジュールの設定に関する詳細は <citerefentry> " +"<refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</manvolnum></" +"citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" -msgstr "" +msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" -msgstr "" +msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" +"ドメインに対するパスワード変更操作を取り扱うプロバイダーです。サポートされる" +"パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" +"<quote>ipa</quote> は IPA サーバーに保存されているパスワードを変更します。 " +"IPA の設定に関する詳細は <citerefentry> <refentrytitle>sssd-ipa</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> は LDAP サーバーに保存されているパスワードを変更します。 " +"LDAP の設定に関する詳細は <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" +"<quote>krb5</quote> は Kerberos のパスワードを変更します。 Kerberos の設定に" +"関する詳細は <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" +"<quote>proxy</quote> はいくつかの他の PAM ターゲットにパスワードの変更を中継" +"します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" +msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" +"初期値: <quote>auth_provider</quote> が設定され、パスワードの変更要求を取り扱" +"うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" -msgstr "" +msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" +"ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" +"は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> は LDAP に保存されているルールのためです。LDAP の設定に関" +"する詳細は <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" +msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" +"初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" -msgstr "" +msgstr "session_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" +"セッションの設定の読み込みを処理するプロバイダーです。サポートされるセッショ" +"ンプロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" +"<quote>ipa</quote> は IPA サーバーからセッションの設定を読み込みます。IPA の" +"設定に関する詳細は <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" +"<quote>none</quote> はセッションの設定の取り出しを明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" +"初期値: <quote>id_provider</quote> が設定され、セッション読み込み要求を取り扱" +"いできる場合、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" -msgstr "" +msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" +"DNS 検索を実行するときに使用する、優先アドレスファミリーを選択する機能を提供" +"します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" -msgstr "" +msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" +"ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" +"ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" +"ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" +"ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" -msgstr "" +msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" -msgstr "" +msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " "the domain will continue to operate in offline mode." msgstr "" +"DNS リゾルバーが到達不可能であると仮定するまでに、そこからの応答を待つ時間" +"(秒単位)を定義します。このタイムアウトに達すると、ドメインはオフラインモー" +"ドにて操作を継続します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" -msgstr "" +msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" +"サービス検索がバックエンドで使用されていると、サービス検索 DNS クエリーのドメ" +"イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" -msgstr "" +msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" -msgstr "" +msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." -msgstr "" +msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" -msgstr "" +msgstr "case_sensitive (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" +"ユーザー名とグループ名が大文字小文字を区別するよう取り扱います。今のところ、" +"このオプションはローカルプロバイダーにおいてサポートされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" -msgstr "" +msgstr "初期値: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"これらの設定オプションはドメイン設定のセクション、つまり <quote>[domain/" +"<replaceable>NAME</replaceable>]</quote> に存在します <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" -msgstr "" +msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." -msgstr "" +msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" +"初期値: 設定されません。既存の PAM 設定を使用するか、新しく作成してサービス名" +"をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" -msgstr "" +msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " "for example _nss_files_getpwent." msgstr "" +"プロキシードメインにおいて使用する NSS ライブラリーの名前です。ライブラリーに" +"おいて検索する NSS 関数は _nss_$(libName)_$(function) の形式です。たとえば " +"_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" +"プロキシドメインに対して有効なオプションです。 <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" -msgstr "" +msgstr "ローカルドメインのセクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " "<replaceable>id_provider=local</replaceable>." msgstr "" +"このセクションは、ユーザーとグループを SSSD ネイティブデータベースに保存する" +"ドメイン、つまり、 <replaceable>id_provider=local</replaceable> を使用するド" +"メインに対する設定を含みます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" -msgstr "" +msgstr "default_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." -msgstr "" +msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" -msgstr "" +msgstr "初期値: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" -msgstr "" +msgstr "base_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" +"ツールがログイン名を <replaceable>base_directory</replaceable> に追加して、" +"ホームディレクトリーとして使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" -msgstr "" +msgstr "初期値: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" -msgstr "" +msgstr "create_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" +"初期状態で新規ユーザーに対するホームディレクトリーが作成されるかを指示しま" +"す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" -msgstr "" +msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" -msgstr "" +msgstr "remove_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" +"初期状態で新規ユーザーに対するホームディレクトリーが削除されるかを指示しま" +"す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" -msgstr "" +msgstr "homedir_umask (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " "on a newly created home directory." msgstr "" +"新規に作成されるホームディレクトリーにパーミッションの初期値を指定するために " +"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> により使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" -msgstr "" +msgstr "初期値: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" -msgstr "" +msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" +"ホームディレクトリーが <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> により作成されると" +"き、ユーザーのホームディレクトリーにコピーされるファイルおよびディレクトリー" +"を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" -msgstr "" +msgstr "初期値: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" -msgstr "" +msgstr "mail_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " "default value is used." msgstr "" +"メールスプールディレクトリーです。これに対応するユーザーアカウントが変更また" +"は削除されたとき、これを操作する必要があります。指定されていなければ、初期値" +"が使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" -msgstr "" +msgstr "初期値: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" -msgstr "" +msgstr "userdel_cmd (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " "return code of the command is not taken into account." msgstr "" +"ユーザーの削除後に実行されるコマンドです。コマンドは最初の唯一のパラメーター" +"として削除されるユーザーのユーザー名を渡します。コマンドの返り値は考慮されま" +"せん。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" -msgstr "" +msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" -msgstr "" +msgstr "例" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -1745,18 +2066,45 @@ msgid "" "max_id = 20000\n" "enumerate = False\n" msgstr "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " "configuring domains for more details. <placeholder type=\"programlisting\" " "id=\"0\"/>" msgstr "" +"以下の例は SSSD の一般的な設定を示します。ドメイン自身の設定を説明していませ" +"ん - ドメインの設定に関する詳細はドキュメントを参照してください。 " +"<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -1773,11 +2121,25 @@ msgid "" "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 msgid "sssd-ldap" -msgstr "" +msgstr "sssd-ldap" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:23 @@ -1788,11 +2150,16 @@ msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for detailed syntax information." msgstr "" +"このマニュアルページは <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> 向けの LDAP ドメインの設定を説明して" +"います。詳細な構文については <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルページの " +"<quote>ファイル形式</quote> セクションを参照してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:35 msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" +msgstr "SSSD が複数の LDAP ドメインを使用するよう設定できます。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:38 @@ -1805,17 +2172,24 @@ msgid "" "<quote>ldap_access_filter</quote> config option for more information about " "using LDAP as an access provider." msgstr "" +"LDAP バックエンドは id, auth, access および chpass プロバイダーをサポートしま" +"す。 LDAP サーバーに対して認証したければ、 TLS/SSL または LDAPS のどちらかが" +"必要になります。 <command>sssd</command> は暗号化されないチャネルにおける認証" +"はサポート<emphasis>されません</emphasis>。 LDAP サーバーが識別プロバイダーと" +"してのみ使用されるならば、暗号化チャネルは必要ありません。アクセスプロバイ" +"ダーとして LDAP を使用することの詳細は <quote>ldap_access_filter</quote> 設定" +"オプションを参照してください。" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" -msgstr "" +msgstr "設定オプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 msgid "ldap_uri (string)" -msgstr "" +msgstr "ldap_uri (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:63 @@ -1830,28 +2204,30 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:70 msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" +msgstr "URI の形式は RFC 2732 に決められている形式と一致しなければいけません:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:73 msgid "ldap[s]://<host>[:port]" -msgstr "" +msgstr "ldap[s]://<host>[:port]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:76 msgid "" "For explicit IPv6 addresses, <host> must be enclosed in brackets []" msgstr "" +"IPv6 アドレスを明示するために、<host> を角括弧 [] でくくる必要がありま" +"す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:79 msgid "example: ldap://[fc00::126:25]:389" -msgstr "" +msgstr "例: ldap://[fc00::126:25]:389" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:85 msgid "ldap_chpass_uri (string)" -msgstr "" +msgstr "ldap_chpass_uri (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:88 @@ -1866,21 +2242,23 @@ msgstr "" #: sssd-ldap.5.xml:95 msgid "To enable service discovery ldap_chpass_dns_service_name must be set." msgstr "" +"サービス discovery ldap_chpass_dns_service_name を有効にするには、設定する必" +"要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:99 msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" +msgstr "初期値: 空、つまり ldap_uri が使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:105 msgid "ldap_search_base (string)" -msgstr "" +msgstr "ldap_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:108 msgid "The default base DN to use for performing LDAP user operations." -msgstr "" +msgstr "LDAP ユーザー操作を実行するために使用される初期ベース DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:112 @@ -1888,16 +2266,17 @@ msgid "" "Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " "syntax:" msgstr "" +"SSSD 1.7.0 以降、SSSD は次の構文を使用して複数の検索ベースをサポートします:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:116 msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" +msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:119 msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" +msgstr "範囲は \"base\", \"onelevel\" または \"subtree\" のどれかです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:122 @@ -1905,11 +2284,13 @@ msgid "" "The filter must be a valid LDAP search filter as specified by http://www." "ietf.org/rfc/rfc2254.txt" msgstr "" +"フィルターは http://www.ietf.org/rfc/rfc2254.txt により指定されたような有効" +"な LDAP 検索フィルターである必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:126 msgid "Examples:" -msgstr "" +msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:129 @@ -1917,6 +2298,8 @@ msgid "" "ldap_search_base = dc=example,dc=com (which is equivalent to) " "ldap_search_base = dc=example,dc=com?subtree?" msgstr "" +"ldap_search_base = dc=example,dc=com (which is equivalent to) " +"ldap_search_base = dc=example,dc=com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:134 @@ -1924,6 +2307,8 @@ msgid "" "ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" "(host=thishost)?dc=example.com?subtree?" msgstr "" +"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" +"(host=thishost)?dc=example.com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:137 @@ -1948,7 +2333,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:158 msgid "ldap_schema (string)" -msgstr "" +msgstr "ldap_schema (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:161 @@ -1963,56 +2348,64 @@ msgid "" "members are listed by DN and stored in the <emphasis>member</emphasis> " "attribute." msgstr "" +"ターゲット LDAP サーバーにおいて使用中のスキーマ形式を指定します。選択された" +"スキーマに応じて、サーバーから取得される属性名の初期変わります。処理されるい" +"くつかの属性も変わります。現在 3 つのスキーマ形式がサポートされます: " +"rfc2307, rfc2307bis, IPA 。これらのスキーマ形式のおもな違いは、グループのメン" +"バーがサーバーにおいてどのように記録されるかです。rfc2307 を使用すると、グ" +"ループのメンバーは <emphasis>memberUid</emphasis> 属性に名前により一覧化され" +"ます。rfc2307bis および IPA を使用すると、グループのメンバーは DN により一覧" +"化され、<emphasis>member</emphasis> 属性に保存されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:180 msgid "Default: rfc2307" -msgstr "" +msgstr "初期値: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:186 msgid "ldap_default_bind_dn (string)" -msgstr "" +msgstr "ldap_default_bind_dn (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:189 msgid "The default bind DN to use for performing LDAP operations." -msgstr "" +msgstr "LDAP ユーザー操作を実行するために使用される初期バインド DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:196 msgid "ldap_default_authtok_type (string)" -msgstr "" +msgstr "ldap_default_authtok_type (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:199 msgid "The type of the authentication token of the default bind DN." -msgstr "" +msgstr "初期バインド DN の認証トークンの形式です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:203 msgid "The two mechanisms currently supported are:" -msgstr "" +msgstr "現在 2 つのメカニズムがサポートされます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:206 msgid "password" -msgstr "" +msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:209 msgid "obfuscated_password" -msgstr "" +msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 msgid "Default: password" -msgstr "" +msgstr "初期値: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:218 msgid "ldap_default_authtok (string)" -msgstr "" +msgstr "ldap_default_authtok (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:221 @@ -2020,148 +2413,150 @@ msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" +"デフォルトのバインド DN の認証トークンです。平文テキストのパスワードのみが現" +"在サポートされます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:228 msgid "ldap_user_object_class (string)" -msgstr "" +msgstr "ldap_user_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:231 msgid "The object class of a user entry in LDAP." -msgstr "" +msgstr "LDAP にあるユーザーエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:234 msgid "Default: posixAccount" -msgstr "" +msgstr "初期値: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:240 msgid "ldap_user_name (string)" -msgstr "" +msgstr "ldap_user_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:243 msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" +msgstr "ユーザーのログイン名に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:247 msgid "Default: uid" -msgstr "" +msgstr "初期値: uid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:253 msgid "ldap_user_uid_number (string)" -msgstr "" +msgstr "ldap_user_uid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:256 msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" +msgstr "ユーザーの ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:260 msgid "Default: uidNumber" -msgstr "" +msgstr "初期値: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:266 msgid "ldap_user_gid_number (string)" -msgstr "" +msgstr "ldap_user_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:269 msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" +msgstr "ユーザーのプライマリーグループ ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 msgid "Default: gidNumber" -msgstr "" +msgstr "初期値: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:279 msgid "ldap_user_gecos (string)" -msgstr "" +msgstr "ldap_user_gecos (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:282 msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" +msgstr "ユーザーの gecos 項目に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:286 msgid "Default: gecos" -msgstr "" +msgstr "初期値: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:292 msgid "ldap_user_home_directory (string)" -msgstr "" +msgstr "ldap_user_home_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:295 msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" +msgstr "ユーザーのホームディレクトリーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:299 msgid "Default: homeDirectory" -msgstr "" +msgstr "初期値: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:305 msgid "ldap_user_shell (string)" -msgstr "" +msgstr "ldap_user_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:308 msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" +msgstr "ユーザーの初期シェルのパスを含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:312 msgid "Default: loginShell" -msgstr "" +msgstr "初期値: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:318 msgid "ldap_user_uuid (string)" -msgstr "" +msgstr "ldap_user_uuid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:321 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" +msgstr "LDAP ユーザーオブジェクトの UUID/GUID を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 msgid "Default: nsUniqueId" -msgstr "" +msgstr "初期値: nsUniqueId" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:331 msgid "ldap_user_modify_timestamp (string)" -msgstr "" +msgstr "ldap_user_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." -msgstr "" +msgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 msgid "Default: modifyTimestamp" -msgstr "" +msgstr "初期値: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:344 msgid "ldap_user_shadow_last_change (string)" -msgstr "" +msgstr "ldap_user_shadow_last_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:347 @@ -2171,16 +2566,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " "the last password change)." msgstr "" +"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> の対応部分(最終パスワード変更日)に対応する LDAP 属性の名前を" +"含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:357 msgid "Default: shadowLastChange" -msgstr "" +msgstr "初期値: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:363 msgid "ldap_user_shadow_min (string)" -msgstr "" +msgstr "ldap_user_shadow_min (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:366 @@ -2190,16 +2589,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " "password age)." msgstr "" +"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> の対応部分(最小パスワード期限)に対応する LDAP 属性の名前を含" +"みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:375 msgid "Default: shadowMin" -msgstr "" +msgstr "初期値: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:381 msgid "ldap_user_shadow_max (string)" -msgstr "" +msgstr "ldap_user_shadow_max (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:384 @@ -2209,16 +2612,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " "password age)." msgstr "" +"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> の対応部分(最大パスワード期限)に対応する LDAP 属性の名前を含" +"みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:393 msgid "Default: shadowMax" -msgstr "" +msgstr "初期値: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:399 msgid "ldap_user_shadow_warning (string)" -msgstr "" +msgstr "ldap_user_shadow_warning (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:402 @@ -2228,16 +2635,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password warning period)." msgstr "" +"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> の対応部分(パスワード警告期間)に対応する LDAP 属性の名前を含" +"みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:412 msgid "Default: shadowWarning" -msgstr "" +msgstr "初期値: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:418 msgid "ldap_user_shadow_inactive (string)" -msgstr "" +msgstr "ldap_user_shadow_inactive (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:421 @@ -2247,16 +2658,20 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password inactivity period)." msgstr "" +"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> の対応部分(パスワード無効期間)に対応する LDAP 属性の名前を含" +"みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:431 msgid "Default: shadowInactive" -msgstr "" +msgstr "初期値: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_expire (string)" -msgstr "" +msgstr "ldap_user_shadow_expire (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:440 @@ -2266,16 +2681,20 @@ msgid "" "<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> counterpart (account expiration date)." msgstr "" +"ldap_pwd_policy=shadow を使用するとき、このパラメーターは <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> の対応部分(アカウント失効日)に対応する LDAP 属性の名前を含み" +"ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:450 msgid "Default: shadowExpire" -msgstr "" +msgstr "初期値: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:456 msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" +msgstr "ldap_user_krb_last_pwd_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:459 @@ -2284,16 +2703,18 @@ msgid "" "an LDAP attribute storing the date and time of last password change in " "kerberos." msgstr "" +"ldap_pwd_policy=mit_kerberos を使用しているとき、このパラメーターは Kerberos " +"の最終パスワード変更日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:465 msgid "Default: krbLastPwdChange" -msgstr "" +msgstr "初期値: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:471 msgid "ldap_user_krb_password_expiration (string)" -msgstr "" +msgstr "ldap_user_krb_password_expiration (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:474 @@ -2301,16 +2722,18 @@ msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" +"ldap_pwd_policy=mit_kerberos を使用しているとき、このパラメーターは現在のパス" +"ワード失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:480 msgid "Default: krbPasswordExpiration" -msgstr "" +msgstr "初期値: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:486 msgid "ldap_user_ad_account_expires (string)" -msgstr "" +msgstr "ldap_user_ad_account_expires (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:489 @@ -2318,16 +2741,18 @@ msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" +"ldap_account_expire_policy=ad を使用するとき、このパラメーターはアカウントの" +"失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:494 msgid "Default: accountExpires" -msgstr "" +msgstr "初期値: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:500 msgid "ldap_user_ad_user_account_control (string)" -msgstr "" +msgstr "ldap_user_ad_user_account_control (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:503 @@ -2335,16 +2760,18 @@ msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" +"ldap_account_expire_policy=ad を使用するとき、このパラメーターはユーザーアカ" +"ウントの制御ビット項目を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:508 msgid "Default: userAccountControl" -msgstr "" +msgstr "初期値: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:514 msgid "ldap_ns_account_lock (string)" -msgstr "" +msgstr "ldap_ns_account_lock (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:517 @@ -2352,16 +2779,18 @@ msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" +"ldap_account_expire_policy=rhds または同等のものを使用するとき、このパラメー" +"ターがアクセスが許可されるかされないかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:522 msgid "Default: nsAccountLock" -msgstr "" +msgstr "初期値: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:528 msgid "ldap_user_nds_login_disabled (string)" -msgstr "" +msgstr "ldap_user_nds_login_disabled (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:531 @@ -2369,16 +2798,18 @@ msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" +"ldap_account_expire_policy=nds を使用するとき、アクセスが許可されるかされない" +"かをこの属性が決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 msgid "Default: loginDisabled" -msgstr "" +msgstr "初期値: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:541 msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" +msgstr "ldap_user_nds_login_expiration_time (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:544 @@ -2386,11 +2817,13 @@ msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" +"ldap_account_expire_policy=nds を使用しているとき、この属性はデータアクセスが" +"いつまで許可されるのかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:555 msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" +msgstr "ldap_user_nds_login_allowed_time_map (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:558 @@ -2398,43 +2831,45 @@ msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" +"ldap_account_expire_policy=nds を使用しているとき、この属性はアクセスが許可さ" +"れるときの一週間の日の時間を決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:563 msgid "Default: loginAllowedTimeMap" -msgstr "" +msgstr "初期値: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:569 msgid "ldap_user_principal (string)" -msgstr "" +msgstr "ldap_user_principal (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:572 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." -msgstr "" +msgstr "ユーザーの Kerberos User Principal Name (UPN) を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:576 msgid "Default: krbPrincipalName" -msgstr "" +msgstr "初期値: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:582 msgid "ldap_user_ssh_public_key (string)" -msgstr "" +msgstr "ldap_user_ssh_public_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:585 msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" +msgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:592 msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" +msgstr "ldap_force_upper_case_realm (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:595 @@ -2444,11 +2879,14 @@ msgid "" "fail. Set this option to a non-zero value if you want to use an upper-case " "realm." msgstr "" +"いくつかのディレクトリーサーバー、たとえば Active Directory、は小文字のレルム" +"を転送しません。それにより、認証が失敗します。もし大文字のレルムを使用したい" +"場合、このオプションを 0 以外に設定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:608 msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" +msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:611 @@ -2456,16 +2894,17 @@ msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" +"SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 msgid "Default: 300" -msgstr "" +msgstr "初期値: 300" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:622 msgid "ldap_purge_cache_timeout (integer)" -msgstr "" +msgstr "ldap_purge_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:625 @@ -2474,53 +2913,56 @@ msgid "" "with no members and users who have never logged in) and remove them to save " "space." msgstr "" +"使用していないエントリー(メンバーのいないグループやログインしたことがない" +"ユーザーなど)に対してキャッシュを確認して、保存領域を節約するためにそれらを" +"削除する間隔を決めます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:631 msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" +msgstr "キャッシュ削除操作を無効にする 0 をこのオプションを設定する方法です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:635 msgid "Default: 10800 (12 hours)" -msgstr "" +msgstr "初期値: 10800 (12 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:641 msgid "ldap_user_fullname (string)" -msgstr "" +msgstr "ldap_user_fullname (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:644 msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" +msgstr "ユーザーの完全名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 #: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 #: sssd-ipa.5.xml:422 msgid "Default: cn" -msgstr "" +msgstr "初期値: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:654 msgid "ldap_user_member_of (string)" -msgstr "" +msgstr "ldap_user_member_of (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:657 msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" +msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 msgid "Default: memberOf" -msgstr "" +msgstr "初期値: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:667 msgid "ldap_user_authorized_service (string)" -msgstr "" +msgstr "ldap_user_authorized_service (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:670 @@ -2529,6 +2971,9 @@ msgid "" "use the presence of the authorizedService attribute in the user's LDAP entry " "to determine access privilege." msgstr "" +"もし access_provider=ldap かつ ldap_access_order=authorized_service ならば、" +"SSSD はアクセス権限を決定するために、ユーザーの LDAP エントリーにある " +"authorizedService 属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:677 @@ -2536,16 +2981,18 @@ msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" +"明示的な拒否 (!svc) が始めに解決されます。次に SSSD は明示的な許可 (svc) を検" +"索します。最後にすべて許可 (*) を検索します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:682 msgid "Default: authorizedService" -msgstr "" +msgstr "初期値: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:688 msgid "ldap_user_authorized_host (string)" -msgstr "" +msgstr "ldap_user_authorized_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:691 @@ -2554,6 +3001,9 @@ msgid "" "presence of the host attribute in the user's LDAP entry to determine access " "privilege." msgstr "" +"access_provider=ldap かつ ldap_access_order=host ならば、 SSSD はアクセス権限" +"を決めるために、ユーザーの LDAP エントリーにあるホスト属性の存在を使用しま" +"す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:697 @@ -2561,81 +3011,83 @@ msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" +"明示的な拒否 (!host) がまず解決されます。次に SSSD が明示的な許可 (host) を検" +"索します。最後にすべて許可 (*) が検索されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:702 msgid "Default: host" -msgstr "" +msgstr "初期値: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:708 msgid "ldap_group_object_class (string)" -msgstr "" +msgstr "ldap_group_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:711 msgid "The object class of a group entry in LDAP." -msgstr "" +msgstr "LDAP にあるグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:714 msgid "Default: posixGroup" -msgstr "" +msgstr "初期値: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:720 msgid "ldap_group_name (string)" -msgstr "" +msgstr "ldap_group_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:723 msgid "The LDAP attribute that corresponds to the group name." -msgstr "" +msgstr "グループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:733 msgid "ldap_group_gid_number (string)" -msgstr "" +msgstr "ldap_group_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:736 msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" +msgstr "グループの ID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:746 msgid "ldap_group_member (string)" -msgstr "" +msgstr "ldap_group_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:749 msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" +msgstr "グループのメンバーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:753 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" +msgstr "初期値: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:759 msgid "ldap_group_uuid (string)" -msgstr "" +msgstr "ldap_group_uuid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:762 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" +msgstr "LDAP グループオブジェクトの UUID/GUID を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:772 msgid "ldap_group_modify_timestamp (string)" -msgstr "" +msgstr "ldap_group_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:785 msgid "ldap_group_nesting_level (integer)" -msgstr "" +msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:788 @@ -2644,176 +3096,185 @@ msgid "" "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" +"ldap_schema が入れ子グループ (例: RFC2307bis) をサポートするスキーマ形式に設" +"定されていると、このオプションが入れ子 SSSD がしたがうレベルを制御します。こ" +"のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:795 msgid "Default: 2" -msgstr "" +msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:801 msgid "ldap_netgroup_object_class (string)" -msgstr "" +msgstr "ldap_netgroup_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:804 msgid "The object class of a netgroup entry in LDAP." -msgstr "" +msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:807 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" +"IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:811 msgid "Default: nisNetgroup" -msgstr "" +msgstr "初期値: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:817 msgid "ldap_netgroup_name (string)" -msgstr "" +msgstr "ldap_netgroup_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:820 msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" +msgstr "ネットワークグループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:824 msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" +msgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:834 msgid "ldap_netgroup_member (string)" -msgstr "" +msgstr "ldap_netgroup_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:837 msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" +msgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:841 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" +"IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:845 msgid "Default: memberNisNetgroup" -msgstr "" +msgstr "初期値: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:851 msgid "ldap_netgroup_triple (string)" -msgstr "" +msgstr "ldap_netgroup_triple (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:854 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" +"ネットワークグループの三つ組(ホスト、ユーザー、ドメイン)を含む LDAP 属性で" +"す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 msgid "This option is not available in IPA provider." -msgstr "" +msgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:861 msgid "Default: nisNetgroupTriple" -msgstr "" +msgstr "初期値: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:867 msgid "ldap_netgroup_uuid (string)" -msgstr "" +msgstr "ldap_netgroup_uuid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:870 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" +"LDAP ネットワークグループオブジェクトの UUID/GUID を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:874 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" +msgstr "IPA プロバイダーにおいては ipa_netgroup_uuid が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:884 msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" +msgstr "ldap_netgroup_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:900 msgid "ldap_service_object_class (string)" -msgstr "" +msgstr "ldap_service_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:903 msgid "The object class of a service entry in LDAP." -msgstr "" +msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 msgid "Default: ipService" -msgstr "" +msgstr "初期値: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:912 msgid "ldap_service_name (string)" -msgstr "" +msgstr "ldap_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:915 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." -msgstr "" +msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:925 msgid "ldap_service_port (string)" -msgstr "" +msgstr "ldap_service_port (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:928 msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" +msgstr "このサービスにより管理されるポートを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:932 msgid "Default: ipServicePort" -msgstr "" +msgstr "初期値: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:938 msgid "ldap_service_proto (string)" -msgstr "" +msgstr "ldap_service_proto (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:941 msgid "" "The LDAP attribute that contains the protocols understood by this service." -msgstr "" +msgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:945 msgid "Default: ipServiceProtocol" -msgstr "" +msgstr "初期値: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:951 msgid "ldap_service_search_base (string)" -msgstr "" +msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:954 msgid "An optional base DN to restrict service searches to a specific subtree." msgstr "" +"サービス検索を指定したサブツリーに制限するためのオプションのベース DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 @@ -2823,18 +3284,20 @@ msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" +"複数の検索ベースを設定することの詳細は <quote>ldap_search_base</quote> を参照" +"してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 #: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 #: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" +msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:970 msgid "ldap_search_timeout (integer)" -msgstr "" +msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:973 @@ -2851,16 +3314,19 @@ msgid "" "will likely be replaced at some point by a series of timeouts for specific " "lookup types." msgstr "" +"注: このオプションは SSSD の将来のバージョンにおいて変更される可能性がありま" +"す。特定の種類の検索のために一連のタイムアウトによりある時点に置き換えられる" +"かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 msgid "Default: 6" -msgstr "" +msgstr "初期値: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:991 msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" +msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:994 @@ -2873,12 +3339,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1001 msgid "Default: 60" -msgstr "" +msgstr "初期値: 60" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1007 msgid "ldap_network_timeout (integer)" -msgstr "" +msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1010 @@ -2890,11 +3356,16 @@ msgid "" "<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" "citerefentry> returns in case of no activity." msgstr "" +"<citerefentry> <refentrytitle>connect</refentrytitle> <manvolnum>2</" +"manvolnum> </citerefentry> に続けて <citerefentry> <refentrytitle>poll</" +"refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/<citerefentry> " +"<refentrytitle>select</refentrytitle> <manvolnum>2</manvolnum> </" +"citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1033 msgid "ldap_opt_timeout (integer)" -msgstr "" +msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1036 @@ -2903,11 +3374,13 @@ msgid "" "will abort if no response is received. Also controls the timeout when " "communicating with the KDC in case of SASL bind." msgstr "" +"同期 LDAP API を呼び出しが未応答の場合に中止された後のタイムアウト(秒単位)" +"を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1048 msgid "ldap_connection_expire_timeout (integer)" -msgstr "" +msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1051 @@ -2921,12 +3394,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1059 msgid "Default: 900 (15 minutes)" -msgstr "" +msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1065 msgid "ldap_page_size (integer)" -msgstr "" +msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1068 @@ -2934,16 +3407,18 @@ msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" +"1 回の要求で LDAP から取得するレコード数を指定します。いくつかの LDAP サー" +"バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1073 msgid "Default: 1000" -msgstr "" +msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1079 msgid "ldap_disable_paging" -msgstr "" +msgstr "ldap_disable_paging" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1082 @@ -2952,6 +3427,9 @@ msgid "" "server reports that it supports the LDAP paging control in its RootDSE but " "it is not enabled or does not behave properly." msgstr "" +"LDAP ページング制御を無効にします。LDAP サーバーがその RootDSE において LDAP " +"ページング制御をサポートするが、有効化されていない、もしくは正しく動作しない" +"ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1088 @@ -2959,6 +3437,9 @@ msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" +"例: サーバーにページング制御モジュールがインストールされているが、RootDSE に" +"おいて有効化されていないと報告され、それを使用できない OpenLDAP サーバーで" +"す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1094 @@ -2967,11 +3448,14 @@ msgid "" "a time on a single connection. On busy clients, this can result in some " "requests being denied." msgstr "" +"例: 389 DS は単一の接続において同時に 1 つのページ制御のみをサポートします。" +"負荷の高いクライアントにおいては、いくつかの要求が拒否される結果になる可能性" +"があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1103 msgid "ldap_deref_threshold (integer)" -msgstr "" +msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1106 @@ -3007,7 +3491,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1137 msgid "ldap_tls_reqcert (string)" -msgstr "" +msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1140 @@ -3015,6 +3499,8 @@ msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" +"もしあれば、 TLS セッションにおいてサーバー証明書において実行するためにチェッ" +"クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1146 @@ -3022,6 +3508,8 @@ msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" +"<emphasis>never</emphasis> = クライアントがすべてのサーバー証明書を要求または" +"確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1150 @@ -3030,6 +3518,9 @@ msgid "" "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, it will be ignored and the session proceeds normally." msgstr "" +"<emphasis>allow</emphasis> = サーバー証明書が要求されます。証明書が提供されな" +"ければ、セッションが通常通り進められます。不正な証明書が提供されると、それは" +"無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1157 @@ -3038,6 +3529,9 @@ msgid "" "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, the session is immediately terminated." msgstr "" +"<emphasis>try</emphasis> = サーバー証明書が要求されます。証明書が提供されなけ" +"れば、セッションが通常通り進められます。不正な証明書が提供されると、セッショ" +"ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1163 @@ -3046,21 +3540,23 @@ msgid "" "certificate is provided, or a bad certificate is provided, the session is " "immediately terminated." msgstr "" +"<emphasis>demand</emphasis> = サーバー証明書が要求されます。証明書が提供され" +"なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1169 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" +msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1173 msgid "Default: hard" -msgstr "" +msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1179 msgid "ldap_tls_cacert (string)" -msgstr "" +msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1182 @@ -3068,6 +3564,9 @@ msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" +"Specifies the file that contains certificates for all of the Certificate " +"Authorities that <command>sssd</command> が認識するすべての認証局に対する証明" +"書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 @@ -3075,11 +3574,13 @@ msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" +"初期値: OpenLDAP の初期値の使用、一般的に <filename>/etc/openldap/ldap.conf</" +"filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1194 msgid "ldap_tls_cacertdir (string)" -msgstr "" +msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1197 @@ -3089,37 +3590,41 @@ msgid "" "be the hash of the certificate followed by '.0'. If available, " "<command>cacertdir_rehash</command> can be used to create the correct names." msgstr "" +"個別のファイルに CA 証明書を含むディレクトリーのパスを指定します。一般的に" +"ファイル名は '.0' で終わる証明書のハッシュである必要があります。利用可能なら" +"ば、<command>cacertdir_rehash</command> は正しい名前を作成するために使用でき" +"ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1212 msgid "ldap_tls_cert (string)" -msgstr "" +msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1215 msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" +msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 #: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 msgid "Default: not set" -msgstr "" +msgstr "初期値: 設定されません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1225 msgid "ldap_tls_key (string)" -msgstr "" +msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1228 msgid "Specifies the file that contains the client's key." -msgstr "" +msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1237 msgid "ldap_tls_cipher_suite (string)" -msgstr "" +msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1240 @@ -3128,11 +3633,14 @@ msgid "" "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> for format." msgstr "" +"利用可能な暗号機能を指定します。これは一般的にコロン区切りの一覧です。形式に" +"ついては <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1253 msgid "ldap_id_use_start_tls (boolean)" -msgstr "" +msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1256 @@ -3140,11 +3648,13 @@ msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" +"チャネルを保護するために <systemitem class=\"protocol\">tls</systemitem> も使" +"用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1266 msgid "ldap_sasl_mech (string)" -msgstr "" +msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1269 @@ -3152,16 +3662,18 @@ msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" +"使用する SASL メカニズムを指定します。現在 GSSAPI のみがテストされサポートさ" +"れます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 msgid "Default: none" -msgstr "" +msgstr "初期値: none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1279 msgid "ldap_sasl_authid (string)" -msgstr "" +msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1282 @@ -3169,16 +3681,18 @@ msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." msgstr "" +"使用する SASL 認可 ID を指定します。 GSSAPI が使用されるとき、これが認証のた" +"めに使用される Kerberos プリンシパルをディレクトリーに表現されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1287 msgid "Default: host/machine.fqdn@REALM" -msgstr "" +msgstr "初期値: host/machine.fqdn@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1293 msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" +msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1296 @@ -3186,31 +3700,34 @@ msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" +"真に設定されていると、 LDAP ライブラリーは SASL バインド中にホスト名を正規化" +"するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1301 msgid "Default: false;" -msgstr "" +msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1307 msgid "ldap_krb5_keytab (string)" -msgstr "" +msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1310 msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" +msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1313 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" +"初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1319 msgid "ldap_krb5_init_creds (boolean)" -msgstr "" +msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1322 @@ -3219,26 +3736,29 @@ msgid "" "action is performed only if SASL is used and the mechanism selected is " "GSSAPI." msgstr "" +"Kerberos クレディンシャル (TGT) を初期化する id_provider を指定します。この操" +"作は、 SASL が使用され、選択されたメカニズムが GSSAPI である場合のみ実行され" +"ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1334 msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" +msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1337 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" +msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1341 msgid "Default: 86400 (24 hours)" -msgstr "" +msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 msgid "krb5_server (string)" -msgstr "" +msgstr "krb5_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 @@ -3259,6 +3779,9 @@ msgid "" "for DNS entries that specify _udp as the protocol and falls back to _tcp if " "none are found." msgstr "" +"KDC または kpasswd サーバーに対してサービス検索を使用するとき、SSSD はまずプ" +"ロトコルとして _udp を指定する DNS エントリーを検索して、何も見つからなけれ" +"ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 @@ -3267,26 +3790,29 @@ msgid "" "While the legacy name is recognized for the time being, users are advised to " "migrate their config files to use <quote>krb5_server</quote> instead." msgstr "" +"このオプションは以前の SSSD において <quote>krb5_kdcip</quote> という名前でし" +"た。古い名前がしばらく認められる間、ユーザーは代わりに <quote>krb5_server</" +"quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" -msgstr "" +msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1379 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" +msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1382 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" +msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 msgid "krb5_canonicalize (boolean)" -msgstr "" +msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1391 @@ -3298,7 +3824,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1403 msgid "ldap_pwd_policy (string)" -msgstr "" +msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1406 @@ -3306,6 +3832,8 @@ msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" +"クライアント側においてパスワード期限切れを評価するためのポリシーを選択しま" +"す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1411 @@ -3313,6 +3841,8 @@ msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" +"<emphasis>none</emphasis> - クライアント側において評価しません。このオプショ" +"ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1416 @@ -3321,6 +3851,9 @@ msgid "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" +"<emphasis>shadow</emphasis> - パスワードが失効したかを評価するために " +"<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1422 @@ -3329,16 +3862,19 @@ msgid "" "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +"<emphasis>mit_kerberos</emphasis> - パスワードが期限切れしているかを決定する" +"ために MIT Kerberos により使用される属性を使用します。パスワードが変更される" +"とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1434 msgid "ldap_referrals (boolean)" -msgstr "" +msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1437 msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" +msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1441 @@ -3346,26 +3882,29 @@ msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" +"OpenLDAP バージョン 2.4.13 およびそれ以降とともにコンパイルされているとき、 " +"sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1452 msgid "ldap_dns_service_name (string)" -msgstr "" +msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1455 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" +"サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1459 msgid "Default: ldap" -msgstr "" +msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1465 msgid "ldap_chpass_dns_service_name (string)" -msgstr "" +msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1468 @@ -3373,16 +3912,18 @@ msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" +"サービス検索が有効にされているときに、パスワード変更を許可する LDAP サーバー" +"を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1473 msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" +msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1479 msgid "ldap_access_filter (string)" -msgstr "" +msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1482 @@ -3393,11 +3934,16 @@ msgid "" "it will result in all users being denied access. Use access_provider = allow " "to change this default behavior." msgstr "" +"access_provider = ldap を使用しているならば、このオプションは必須です。このホ" +"ストにおいてアクセスが許可されるユーザーに対して満たされる必要がある LDAP 検" +"索フィルター基準を指定します。 access_provider = ldap かつこのオプションが設" +"定されていないと、すべてのユーザーがアクセスを拒否される結果になります。この" +"初期値による動作を変更するには access_provider = allow を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 msgid "Example:" -msgstr "" +msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #: sssd-ldap.5.xml:1495 @@ -3407,6 +3953,9 @@ msgid "" "ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" " " msgstr "" +"access_provider = ldap\n" +"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1499 @@ -3414,6 +3963,8 @@ msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" +"この例は、このホストへのアクセスが LDAP にある \"allowedusers\" グループのメ" +"ンバーに制限されることを意味します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1504 @@ -3427,12 +3978,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 msgid "Default: Empty" -msgstr "" +msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1518 msgid "ldap_account_expire_policy (string)" -msgstr "" +msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1521 @@ -3440,6 +3991,8 @@ msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" +"このオプションを使用すると、アクセス制御属性のクライアント側評価が有効になり" +"ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1525 @@ -3448,11 +4001,14 @@ msgid "" "i.e. the LDAP server should deny the bind request with a suitable error code " "even if the password is correct." msgstr "" +"必ずサーバー側のアクセス制御を使用することが推奨されることに注意してくださ" +"い。つまり、パスワードが正しいときさえ、適切なエラーコードでバインド要求を拒" +"否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1532 msgid "The following values are allowed:" -msgstr "" +msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1535 @@ -3460,6 +4016,8 @@ msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" +"<emphasis>shadow</emphasis>: アカウントが失効しているかを決めるために " +"ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1540 @@ -3477,6 +4035,9 @@ msgid "" "emphasis>: use the value of ldap_ns_account_lock to check if access is " "allowed or not." msgstr "" +"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" +"emphasis>: アクセスが許可されるかされないかを確認するために " +"ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1553 @@ -3486,26 +4047,31 @@ msgid "" "ldap_user_nds_login_expiration_time are used to check if access is allowed. " "If both attributes are missing access is granted." msgstr "" +"<emphasis>nds</emphasis>: アクセスが許可されるかを確認するために the values " +"of ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled および " +"ldap_user_nds_login_expiration_time の値が使用されます。どの値もなければ、ア" +"クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1568 msgid "ldap_access_order (string)" -msgstr "" +msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1571 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" +"アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1575 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" +msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1578 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" +msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1582 @@ -3513,28 +4079,31 @@ msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" +"<emphasis>authorized_service</emphasis>: アクセス権を決定するために " +"authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1587 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" +"<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1591 msgid "Default: filter" -msgstr "" +msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1594 msgid "" "Please note that it is a configuration error if a value is used more than " "once." -msgstr "" +msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1601 msgid "ldap_deref (string)" -msgstr "" +msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1604 @@ -3542,11 +4111,13 @@ msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" +"検索を実行するときにどのように参照解決を実行するかを指定します。以下のオプ" +"ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1609 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" +msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1613 @@ -3554,6 +4125,8 @@ msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" +"<emphasis>searching</emphasis>: エイリアスはベースオブジェクトの下位に参照解" +"決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1618 @@ -3561,6 +4134,8 @@ msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" +"<emphasis>finding</emphasis>: エイリアスは検索のベースオブジェクトの位置を探" +"すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1623 @@ -3568,6 +4143,8 @@ msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" +"<emphasis>always</emphasis>: エイリアスは検索のベースオブジェクトを検索すると" +"きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1628 @@ -3575,6 +4152,8 @@ msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" +"初期値: 空白(LDAP クライアントライブラリにより <emphasis>never</emphasis> と" +"して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 @@ -3585,56 +4164,61 @@ msgid "" "manvolnum> </citerefentry> manual page for full details. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"SSSD ドメインに適用するすべての全体設定オプションを LDAP ドメインに適用しま" +"す。完全な詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> マニュアルページの <quote>ドメインセ" +"クション</quote> を参照してください。 <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1639 msgid "SUDO OPTIONS" -msgstr "" +msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1644 msgid "ldap_sudorule_object_class (string)" -msgstr "" +msgstr "ldap_sudorule_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1647 msgid "The object class of a sudo rule entry in LDAP." -msgstr "" +msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1650 msgid "Default: sudoRole" -msgstr "" +msgstr "初期値: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1656 msgid "ldap_sudorule_name (string)" -msgstr "" +msgstr "ldap_sudorule_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1659 msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" +msgstr "sudo ルール名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1669 msgid "ldap_sudorule_command (string)" -msgstr "" +msgstr "ldap_sudorule_command (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1672 msgid "The LDAP attribute that corresponds to the command name." -msgstr "" +msgstr "コマンド名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1676 msgid "Default: sudoCommand" -msgstr "" +msgstr "初期値: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1682 msgid "ldap_sudorule_host (string)" -msgstr "" +msgstr "ldap_sudorule_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1685 @@ -3642,16 +4226,18 @@ msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" +"ホスト名(またはホスト IP アドレス、ホスト IP ネットワーク、ホストネットワー" +"クグループ)に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 msgid "Default: sudoHost" -msgstr "" +msgstr "初期値: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1696 msgid "ldap_sudorule_user (string)" -msgstr "" +msgstr "ldap_sudorule_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1699 @@ -3659,48 +4245,50 @@ msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" +"ユーザー名(または UID、グループ名、ユーザーのネットワークグループ)に対応す" +"る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1703 msgid "Default: sudoUser" -msgstr "" +msgstr "初期値: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1709 msgid "ldap_sudorule_option (string)" -msgstr "" +msgstr "ldap_sudorule_option (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1712 msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" +msgstr "sudo オプションに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 msgid "Default: sudoOption" -msgstr "" +msgstr "初期値: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1722 msgid "ldap_sudorule_runasuser (string)" -msgstr "" +msgstr "ldap_sudorule_runasuser (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1725 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." -msgstr "" +msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1729 msgid "Default: sudoRunAsUser" -msgstr "" +msgstr "初期値: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1735 msgid "ldap_sudorule_runasgroup (string)" -msgstr "" +msgstr "ldap_sudorule_runasgroup (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1738 @@ -3708,33 +4296,34 @@ msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" +"コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1742 msgid "Default: sudoRunAsGroup" -msgstr "" +msgstr "初期値: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1748 msgid "ldap_sudorule_notbefore (string)" -msgstr "" +msgstr "ldap_sudorule_notbefore (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1751 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." -msgstr "" +msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1755 msgid "Default: sudoNotBefore" -msgstr "" +msgstr "初期値: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1761 msgid "ldap_sudorule_notafter (string)" -msgstr "" +msgstr "ldap_sudorule_notafter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1764 @@ -3742,31 +4331,33 @@ msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" +"sudo ルールが有効ではなくなった後に、期限切れとなる日時に対応する LDAP 属性で" +"す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1769 msgid "Default: sudoNotAfter" -msgstr "" +msgstr "初期値: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1775 msgid "ldap_sudorule_order (string)" -msgstr "" +msgstr "ldap_sudorule_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1778 msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" +msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1782 msgid "Default: sudoOrder" -msgstr "" +msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1788 msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" +msgstr "ldap_sudo_refresh_enabled (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1791 @@ -3774,83 +4365,89 @@ msgid "" "Enables periodical download of all sudo rules. The cache is purged before " "each update." msgstr "" +"すべての sudo ルールの定期的なダウンロードを有効にします。キャッシュはそれぞ" +"れの更新前に掃除されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1801 msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" +msgstr "ldap_sudo_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1804 msgid "" "How many seconds SSSD has to wait before refreshing its cache of sudo rules." msgstr "" +"SSSD が sudo ルールのキャッシュを更新する前に待たなければいけない秒数です。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1642 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1815 msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" +"このマニュアルページは属性名マッピングのみを説明します。 sudo に関連する属性" +"セマンティックの詳細な説明は <citerefentry> <refentrytitle>sudoers.ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1825 msgid "AUTOFS OPTIONS" -msgstr "" +msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1827 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." -msgstr "" +msgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1834 msgid "ldap_autofs_map_object_class (string)" -msgstr "" +msgstr "ldap_autofs_map_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 msgid "The object class of an automount map entry in LDAP." -msgstr "" +msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 msgid "Default: automountMap" -msgstr "" +msgstr "初期値: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1847 msgid "ldap_autofs_map_name (string)" -msgstr "" +msgstr "ldap_autofs_map_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1850 msgid "The name of an automount map entry in LDAP." -msgstr "" +msgstr "LDAP における automount のマップエントリーの名前です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 msgid "Default: ou" -msgstr "" +msgstr "初期値: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1860 msgid "ldap_autofs_entry_object_class (string)" -msgstr "" +msgstr "ldap_autofs_entry_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1874 msgid "ldap_autofs_entry_key (string)" -msgstr "" +msgstr "ldap_autofs_entry_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 @@ -3858,16 +4455,18 @@ msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" +"LDAP にある automount エントリーのキーです。エントリーは一般的にマウントポイ" +"ントと対応します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1888 msgid "ldap_autofs_entry_value (string)" -msgstr "" +msgstr "ldap_autofs_entry_value (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1895 msgid "Default: automountInformation" -msgstr "" +msgstr "初期値: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1832 @@ -3877,47 +4476,55 @@ msgid "" "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" "\"variablelist\" id=\"4\"/>" msgstr "" +"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" +"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " +"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" +"\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1904 msgid "ADVANCED OPTIONS" -msgstr "" +msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1911 msgid "ldap_netgroup_search_base (string)" -msgstr "" +msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1914 msgid "" "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" +"ネットワークグループの検索を特定のサブツリーに制限するためのオプションのベー" +"ス DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1930 msgid "ldap_user_search_base (string)" -msgstr "" +msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1933 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" +"ユーザーの検索を特定のサブツリーに制限するためのオプションのベース DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1949 msgid "ldap_group_search_base (string)" -msgstr "" +msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1952 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" +"グループの検索を特定のサブツリーに制限するためのオプションのベース DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1968 msgid "ldap_user_search_filter (string)" -msgstr "" +msgstr "ldap_user_search_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1971 @@ -3925,6 +4532,8 @@ msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" +"このオプションは、ユーザー検索を制限する、追加の LDAP 検索フィルター基準を指" +"定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1975 @@ -3932,6 +4541,8 @@ msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" +"このオプションは ldap_user_search_base により使用される構文のほうを選んで" +"<emphasis>廃止されます</emphasis>。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> #: sssd-ldap.5.xml:1985 @@ -3940,6 +4551,8 @@ msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" " " msgstr "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1988 @@ -3947,11 +4560,13 @@ msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" +"このフィルターは、ユーザー検索をシェルが /bin/tcsh に設定されているユーザーに" +"制限されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1995 msgid "ldap_group_search_filter (string)" -msgstr "" +msgstr "ldap_group_search_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1998 @@ -3959,6 +4574,8 @@ msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" +"このオプションは、グループ検索を制限する、追加の LDAP 検索フィルター基準を指" +"定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2002 @@ -3966,28 +4583,34 @@ msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" +"このオプションは ldap_group_search_base により使用される構文のほうを選んで" +"<emphasis>廃止されます</emphasis>。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2012 msgid "ldap_sudo_search_base (string)" -msgstr "" +msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2015 msgid "" "An optional base DN to restrict sudo rules searches to a specific subtree." msgstr "" +"sudo ルール検索を指定したサブツリーに制限するためのオプションのベース DN で" +"す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2034 msgid "ldap_autofs_search_base (string)" -msgstr "" +msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2037 msgid "" "An optional base DN to restrict automounter searches to a specific subtree." msgstr "" +"automounter 検索を指定したサブツリーに制限するためのオプションのベース DN で" +"す。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1906 @@ -3996,6 +4619,9 @@ msgid "" "caution. Please include them in your configuration only if you know what you " "are doing. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"これらのオプションは LDAP ドメインによりサポートされますが、注意して使用する" +"必要があります。自分が何をしているかを理解している場合のみ、設定に含めてくだ" +"さい。 <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2066 @@ -4004,6 +4630,9 @@ msgid "" "set to one of the domains in the <replaceable>[domains]</replaceable> " "section." msgstr "" +"以下の例は、SSSD が正しく設定され、LDAP が <replaceable>[domains]</" +"replaceable> セクションにあるドメインのどれかに設定されていると仮定していま" +"す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ldap.5.xml:2072 @@ -4018,17 +4647,25 @@ msgid "" " cache_credentials = true\n" " enumerate = true\n" msgstr "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mydomain.org\n" +" ldap_search_base = dc=mydomain,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 #: sssd-krb5.5.xml:441 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" -msgstr "" +msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2087 @@ -4038,6 +4675,10 @@ msgid "" "<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " "distribution." msgstr "" +"このマニュアルページにある設定オプションのいくつかの説明は、OpenLDAP 2.4 ディ" +"ストリビューションから <citerefentry> <refentrytitle>ldap.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルページに基" +"づいています。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:2098 @@ -4047,6 +4688,10 @@ msgid "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <refentryinfo> #: pam_sss.8.xml:8 include/upstream.xml:2 @@ -4054,16 +4699,18 @@ msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - http://" "fedorahosted.org/sssd</orgname>" msgstr "" +"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" +"fedorahosted.org/sssd</orgname>" #. type: Content of: <reference><refentry><refnamediv><refname> #: pam_sss.8.xml:13 pam_sss.8.xml:18 msgid "pam_sss" -msgstr "" +msgstr "pam_sss" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: pam_sss.8.xml:19 msgid "PAM module for SSSD" -msgstr "" +msgstr "SSSD の PAM モジュール" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:24 @@ -4075,6 +4722,12 @@ msgid "" "replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" "arg>" msgstr "" +"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" +"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" +"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:45 @@ -4083,21 +4736,24 @@ msgid "" "Services daemon (SSSD). Errors and results are logged through <command>syslog" "(3)</command> with the LOG_AUTHPRIV facility." msgstr "" +"<command>pam_sss.so</command> は System Security Services daemon (SSSD) への " +"PAM インターフェースです。エラーと結果は <command>syslog(3)</command> を通し" +"て LOG_AUTHPRIV ファシリティでログ記録されます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:55 msgid "<option>quiet</option>" -msgstr "" +msgstr "<option>quiet</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:58 msgid "Suppress log messages for unknown users." -msgstr "" +msgstr "不明なユーザーのログメッセージを抑制します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:63 msgid "<option>forward_pass</option>" -msgstr "" +msgstr "<option>forward_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:66 @@ -4105,11 +4761,13 @@ msgid "" "If <option>forward_pass</option> is set the entered password is put on the " "stack for other PAM modules to use." msgstr "" +"<option>forward_pass</option> が設定されていると、他の PAM モジュールが使用す" +"るために、入力されたパスワードがスタックに置かれます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:73 msgid "<option>use_first_pass</option>" -msgstr "" +msgstr "<option>use_first_pass</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:76 @@ -4118,11 +4776,14 @@ msgid "" "modules password and will never prompt the user - if no password is " "available or the password is not appropriate, the user will be denied access." msgstr "" +"引数 use_first_pass は強制的にモジュールが前にスタックされたモジュールのパス" +"ワードを使用して、ユーザーに入力させません。パスワードが何も利用可能ではな" +"い、またはパスワードが適切でなければ、ユーザーがアクセスを拒否されます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:84 msgid "<option>use_authtok</option>" -msgstr "" +msgstr "<option>use_authtok</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:87 @@ -4130,11 +4791,13 @@ msgid "" "When password changing enforce the module to set the new password to the one " "provided by a previously stacked password module." msgstr "" +"パスワードを変更するとき、モジュールが強制的に新しいパスワードを、前にスタッ" +"クされたパスワードモジュールに設定します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:94 msgid "<option>retry=N</option>" -msgstr "" +msgstr "<option>retry=N</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:97 @@ -4142,6 +4805,8 @@ msgid "" "If specified the user is asked another N times for a password if " "authentication fails. Default is 0." msgstr "" +"指定されていると、認証に失敗した場合にパスワードをあと N 回ユーザーに問い合わ" +"せます。初期値は 0 です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:99 @@ -4154,7 +4819,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:110 msgid "MODULE TYPES PROVIDED" -msgstr "" +msgstr "提供されるモジュール形式" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:111 @@ -4162,11 +4827,13 @@ msgid "" "All module types (<option>account</option>, <option>auth</option>, " "<option>password</option> and <option>session</option>) are provided." msgstr "" +"すべてのモジュール形式 (<option>account</option>, <option>auth</option>, " +"<option>password</option> および <option>session</option>) が提供されます。" #. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:117 msgid "FILES" -msgstr "" +msgstr "ファイル" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:118 @@ -4195,6 +4862,9 @@ msgid "" "DOMAIN_NAME/</filename>. If no matching file is present a generic message is " "displayed." msgstr "" +"これらのファイルがディレクトリー <filename>/etc/sssd/customize/DOMAIN_NAME/</" +"filename> において検索されます。一致するファイルがなければ、一般的なメッセー" +"ジが表示されます。" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:141 @@ -4202,11 +4872,13 @@ msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 msgid "sssd_krb5_locator_plugin" -msgstr "" +msgstr "sssd_krb5_locator_plugin" #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:22 @@ -4249,6 +4921,8 @@ msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" +"環境変数 SSSD_KRB5_LOCATOR_DEBUG に何らかの値が設定されていると、デバッグメッ" +"セージが標準エラーに送られます。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:77 @@ -4258,16 +4932,20 @@ msgid "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" -msgstr "" +msgstr "sssd-simple" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-simple.5.xml:17 msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" +msgstr "SSSD の 'simple' アクセス制御プロバイダーの設定ファイルです。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:24 @@ -4279,6 +4957,11 @@ msgid "" "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> manual page." msgstr "" +"このマニュアルは <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> に対して簡単なアクセス制御の設定を説" +"明しています。詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> マニュアルページの <quote>ファイル形" +"式</quote> セクションを参照してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:38 @@ -4286,11 +4969,13 @@ msgid "" "The simple access provider grants or denies access based on an access or " "deny list of user or group names. The following rules apply:" msgstr "" +"シンプルアクセスプロバイダーは、ユーザー名またはグループ名のアクセスまたは拒" +"否の一覧に基づいてアクセスを許可または拒否します。以下の例を適用します:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:43 msgid "If all lists are empty, access is granted" -msgstr "" +msgstr "すべての一覧が空白ならば、アクセスが認められます" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:47 @@ -4298,6 +4983,9 @@ msgid "" "If any list is provided, the order of evaluation is allow,deny. This means " "that any matching deny rule will supersede any matched allow rule." msgstr "" +"何らかの一覧が提供されていると、許可(allow)、拒否(deny)の順に評価されま" +"す。拒否ルールに一致するすべてのものは、許可ルールに一致するすべてのものを更" +"新することを意味します。" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:54 @@ -4305,6 +4993,8 @@ msgid "" "If either or both \"allow\" lists are provided, all users are denied unless " "they appear in the list." msgstr "" +"\"allow\" 一覧が提供されていると、すべてのユーザーはこの一覧に表れなければ拒" +"否されます。" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd-simple.5.xml:60 @@ -4312,31 +5002,33 @@ msgid "" "If only \"deny\" lists are provided, all users are granted access unless " "they appear in the list." msgstr "" +"\"deny\" 一覧のみが提供されていると、ユーザーがこの一覧に表れない限り、すべて" +"のユーザーがアクセスを許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:78 msgid "simple_allow_users (string)" -msgstr "" +msgstr "simple_allow_users (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:81 msgid "Comma separated list of users who are allowed to log in." -msgstr "" +msgstr "ログインが許可されたユーザーのカンマ区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:88 msgid "simple_deny_users (string)" -msgstr "" +msgstr "simple_deny_users (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:91 msgid "Comma separated list of users who are explicitly denied access." -msgstr "" +msgstr "アクセスが明示的に拒否されたユーザーのカンマ区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:97 msgid "simple_allow_groups (string)" -msgstr "" +msgstr "simple_allow_groups (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:100 @@ -4344,11 +5036,13 @@ msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" +"ログインが許可されたグループのカンマ区切り一覧です。この SSSD ドメインの中の" +"グループのみに適用されます。ローカルグループは評価されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-simple.5.xml:108 msgid "simple_deny_groups (string)" -msgstr "" +msgstr "simple_deny_groups (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-simple.5.xml:111 @@ -4357,6 +5051,8 @@ msgid "" "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" +"アクセスが明示的に拒否されたグループのカンマ区切り一覧です。この SSSD ドメイ" +"ンの中のグループのみに適用されます。ローカルグループは評価されません。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 @@ -4366,6 +5062,10 @@ msgid "" "citerefentry> manual page for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"SSSD ドメインの設定に関する詳細は <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルページの " +"<quote>ドメインセクション</quote> のセクションを参照してください。 " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 @@ -4373,6 +5073,8 @@ msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" +"simple_allow_users と simple_deny_users がどちらも定義されると、設定エラーに" +"なることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:128 @@ -4381,6 +5083,9 @@ msgid "" "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the simple access provider-specific options." msgstr "" +"以下の例は、SSSD が正しく設定され、example.com が <replaceable>[sssd]</" +"replaceable> セクションにあるドメインの 1 つであると仮定します。この例はアク" +"セスプロバイダー固有の簡単なオプションのみを示します。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-simple.5.xml:135 @@ -4390,6 +5095,9 @@ msgid "" " access_provider = simple\n" " simple_allow_users = user1, user2\n" msgstr "" +" [domain/example.com]\n" +" access_provider = simple\n" +" simple_allow_users = user1, user2\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:145 @@ -4398,11 +5106,14 @@ msgid "" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 msgid "sssd-ipa" -msgstr "" +msgstr "sssd-ipa" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:23 @@ -4413,6 +5124,11 @@ msgid "" "FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"このマニュアルページは <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> に対する IPA プロバイダーの設定を説" +"明しています。詳細な構文の参考資料は <citerefentry> <refentrytitle>sssd." +"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> マニュアルペー" +"ジの <quote>ファイル形式</quote> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:36 @@ -4422,6 +5138,10 @@ msgid "" "requires that the machine be joined to the IPA domain; configuration is " "almost entirely self-discovered and obtained directly from the server." msgstr "" +"IPA プロバイダーは IPA サーバーに接続するために使用されるバックエンドです。" +"(IPA サーバーに関する詳細は freeipa.org のウェブサイトを参照してください。)" +"このプロバイダーは、マシンが IPA ドメインに参加していて、設定がすでに全体的に" +"自己検索され、サーバーから直接取得されている必要があります。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:43 @@ -4446,7 +5166,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:72 msgid "ipa_domain (string)" -msgstr "" +msgstr "ipa_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:75 @@ -4454,11 +5174,13 @@ msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" +"IPA ドメインの名前を指定します。これはオプションです。提供されなければ、設定" +"ドメイン名が使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:83 msgid "ipa_server (string)" -msgstr "" +msgstr "ipa_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:86 @@ -4473,7 +5195,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:99 msgid "ipa_hostname (string)" -msgstr "" +msgstr "ipa_hostname (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:102 @@ -4481,11 +5203,13 @@ msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" +"オプションです。hostname(5) がこのホストを識別するために IPA ドメインにおいて" +"使用される完全修飾名を反映しないマシンにおいて設定されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:110 msgid "ipa_dyndns_update (boolean)" -msgstr "" +msgstr "ipa_dyndns_update (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:113 @@ -4493,6 +5217,8 @@ msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" +"オプションです。このオプションは FreeIPA v2 の中にこのクライアントの IP アド" +"レスを組み込む DNS サーバーを自動的に更新するよう SSSD に通知します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:118 @@ -4500,11 +5226,14 @@ msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" +"注: (RHEL5 のような) 古いシステムにおいて、この動作が正しく機能するためには、" +"デフォルトの Kerberos レルムが /etc/krb5.conf において正しく設定されている必" +"要があります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:129 msgid "ipa_dyndns_iface (string)" -msgstr "" +msgstr "ipa_dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:132 @@ -4512,36 +5241,42 @@ msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" +"オプションです。ipa_dyndns_update が真のときのみ適用できます。動的 DNS 更新の" +"ために使用される IP アドレスのインターフェースを選択します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:137 msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" +msgstr "初期値: IPA LDAP 接続の IP アドレスを使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:143 msgid "ipa_hbac_search_base (string)" -msgstr "" +msgstr "ipa_hbac_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:146 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" +"オプションです。与えられた文字列を HBAC 関連オブジェクトに対する検索ベースと" +"して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:150 msgid "Default: Use base DN" -msgstr "" +msgstr "初期値: ベース DN を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:156 msgid "ipa_host_search_base (string)" -msgstr "" +msgstr "ipa_host_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:159 msgid "Optional. Use the given string as search base for host objects." msgstr "" +"オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" +"ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:168 @@ -4550,21 +5285,26 @@ msgid "" "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " "will be ignored." msgstr "" +"フィルターがすべての検索ベースに与えられ、かつ " +"<emphasis>ipa_hbac_support_srchost</emphasis> が偽(False)に設定されている" +"と、フィルターは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:180 msgid "ipa_selinux_search_base (string)" -msgstr "" +msgstr "ipa_selinux_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:183 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" +"オプションです。与えられた文字列を SELinux ユーザーマップに対する検索ベースと" +"して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 msgid "krb5_validate (boolean)" -msgstr "" +msgstr "krb5_validate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 @@ -4572,6 +5312,7 @@ msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" +"取得された TGT が改ざんされていないかを krb5_keytab の支援で確認します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:209 @@ -4579,6 +5320,8 @@ msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" +"この初期値は伝統的な Kerberos プロバイダーのバックエンドとは異なることに注意" +"してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:219 @@ -4586,6 +5329,8 @@ msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" +"Kerberos レルムの名前です。これはオプションで、初期値は <quote>ipa_domain</" +"quote> の値です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:223 @@ -4593,6 +5338,8 @@ msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" +"IPA において特別な意味を持つ Kerberos レルムの名前です。LDAP 操作を実行するた" +"めに使用するベース DN に変換されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:234 @@ -4601,11 +5348,13 @@ msgid "" "connecting to IPA LDAP and also for AS requests. This feature is available " "with MIT Kerberos >= 1.7" msgstr "" +"IPA LDAP と AS 要求に対して接続するとき、ホストとユーザープリンシパルを正規化" +"するかを指定します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:247 msgid "ipa_hbac_refresh (integer)" -msgstr "" +msgstr "ipa_hbac_refresh (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:250 @@ -4618,12 +5367,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:257 msgid "Default: 5 (seconds)" -msgstr "" +msgstr "初期値: 5 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:262 msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" +msgstr "ipa_hbac_treat_deny_as (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:265 @@ -4633,6 +5382,11 @@ msgid "" "of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " "client will support two modes of operation during this transition period:" msgstr "" +"このオプションは推奨されない DENY 形式の HBAC ルールをどのように取り扱うかを" +"指定します。FreeIPA v2.1 現在、DENY ルールはもはやサーバーにおいてサポートさ" +"れません。すべての FreeIPA のユーザーはそれらのルールを ALLOW ルールのみを使" +"用するよう移行する必要があります。クライアントはこの移行期間中 2 つのモードの" +"操作をサポートします:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:274 @@ -4640,6 +5394,8 @@ msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" +"<emphasis>DENY_ALL</emphasis>: すべての HBAC DENY ルールが検知されると、すべ" +"てのユーザーがアクセスを拒否されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:279 @@ -4647,16 +5403,19 @@ msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" +"<emphasis>IGNORE</emphasis>: SSSD がすべての DENY ルールを無視されます。意図" +"しないアクセスが開かれる可能性があるので、このオプションを用いるときは非常に" +"注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:284 msgid "Default: DENY_ALL" -msgstr "" +msgstr "初期値: DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:289 msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" +msgstr "ipa_hbac_support_srchost (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:292 @@ -4664,6 +5423,8 @@ msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" +"これが偽に設定されていると、PAM により SSSD に与えられる srchost が無視されま" +"す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:296 @@ -4671,36 +5432,39 @@ msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" +"<emphasis>False</emphasis> に設定されていると、このオプションは " +"<emphasis>ipa_host_search_base</emphasis> に与えられたフィルターが無視される" +"ようになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:307 msgid "ipa_automount_location (string)" -msgstr "" +msgstr "ipa_automount_location (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:310 msgid "The automounter location this IPA client will be using" -msgstr "" +msgstr "この IPA クライアントが使用する automounter の場所です" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:313 msgid "Default: The location named \"default\"" -msgstr "" +msgstr "初期値: \"default\" という名前の場所" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:319 msgid "ipa_netgroup_member_of (string)" -msgstr "" +msgstr "ipa_netgroup_member_of (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:322 msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" +msgstr "ネットワークグループのメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:331 msgid "ipa_netgroup_member_user (string)" -msgstr "" +msgstr "ipa_netgroup_member_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:334 @@ -4708,16 +5472,18 @@ msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" +"ネットワークグループの直接メンバーであるシステムユーザーとグループを一覧化す" +"る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 msgid "Default: memberUser" -msgstr "" +msgstr "初期値: memberUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:344 msgid "ipa_netgroup_member_host (string)" -msgstr "" +msgstr "ipa_netgroup_member_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:347 @@ -4725,16 +5491,18 @@ msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" +"ネットワークグループの直接メンバーであるホストとホストグループを一覧化する " +"LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 msgid "Default: memberHost" -msgstr "" +msgstr "初期値: memberHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:356 msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" +msgstr "ipa_netgroup_member_ext_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:359 @@ -4742,99 +5510,101 @@ msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" +"ネットワークグループのメンバーであるホストとホストグループの FQDN を一覧化す" +"る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:363 msgid "Default: externalHost" -msgstr "" +msgstr "初期値: externalHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:368 msgid "ipa_netgroup_domain (string)" -msgstr "" +msgstr "ipa_netgroup_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:371 msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" +msgstr "ネットワークグループの NIS ドメイン名を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:375 msgid "Default: nisDomainName" -msgstr "" +msgstr "初期値: nisDomainName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:381 msgid "ipa_host_object_class (string)" -msgstr "" +msgstr "ipa_host_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 msgid "The object class of a host entry in LDAP." -msgstr "" +msgstr "LDAP にあるホストエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 msgid "Default: ipaHost" -msgstr "" +msgstr "初期値: ipaHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:392 msgid "ipa_host_fqdn (string)" -msgstr "" +msgstr "ipa_host_fqdn (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:395 msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" +msgstr "ホストの FQDN を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:398 msgid "Default: fqdn" -msgstr "" +msgstr "初期値: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:404 msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" +msgstr "ipa_selinux_usermap_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:415 msgid "ipa_selinux_usermap_name (string)" -msgstr "" +msgstr "ipa_selinux_usermap_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:418 msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" +msgstr "SELinux ユーザーマップの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:427 msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" +msgstr "ipa_selinux_usermap_member_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:430 msgid "" "The LDAP attribute that contains all users / groups this rule match against." -msgstr "" +msgstr "このルールが一致するすべてのユーザー・グループを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:439 msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" +msgstr "ipa_selinux_usermap_member_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:442 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." -msgstr "" +msgstr "このルールが一致するホスト・ホストグループを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:451 msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" +msgstr "ipa_selinux_usermap_see_also (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:454 @@ -4842,31 +5612,33 @@ msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" +"memberUser と memberHost の代わりにマッチに使用される HBAC ルールの DN を含" +"む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:459 msgid "Default: seeAlso" -msgstr "" +msgstr "初期値: seeAlso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:464 msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" +msgstr "ipa_selinux_usermap_selinux_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:467 msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" +msgstr "SELinux ユーザー文字列自身を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:471 msgid "Default: ipaSELinuxUser" -msgstr "" +msgstr "初期値: ipaSELinuxUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:476 msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" +msgstr "ipa_selinux_usermap_enabled (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:479 @@ -4874,71 +5646,72 @@ msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" +"ユーザーマップが使用するために有効化されているかどうかを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:483 msgid "Default: ipaEnabledFlag" -msgstr "" +msgstr "初期値: ipaEnabledFlag" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:488 msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" +msgstr "ipa_selinux_usermap_user_category (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:491 msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" +msgstr "'all' のようなユーザーカテゴリーを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:495 msgid "Default: userCategory" -msgstr "" +msgstr "初期値: userCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:500 msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" +msgstr "ipa_selinux_usermap_host_category (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:503 msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" +msgstr "'all' のようなホストカテゴリーを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:507 msgid "Default: hostCategory" -msgstr "" +msgstr "初期値: hostCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:512 msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" +msgstr "ipa_selinux_usermap_uuid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:515 msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" +msgstr "ユーザーマップの一意な ID を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:519 msgid "Default: ipaUniqueID" -msgstr "" +msgstr "初期値: ipaUniqueID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:524 msgid "ipa_host_ssh_public_key (string)" -msgstr "" +msgstr "ipa_host_ssh_public_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:527 msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" +msgstr "ホストの SSH 公開鍵を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:531 msgid "Default: ipaSshPubKey" -msgstr "" +msgstr "初期値: ipaSshPubKey" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:546 @@ -4947,6 +5720,9 @@ msgid "" "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " "This examples shows only the ipa provider-specific options." msgstr "" +"以下の例は、SSSD が正しく設定され、example.com が <replaceable>[sssd]</" +"replaceable> セクションにあるドメインの 1 つであることを仮定しています。この" +"例は IPA プロバイダー固有のオプションのみを示しています。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:553 @@ -4957,6 +5733,10 @@ msgid "" " ipa_server = ipaserver.example.com\n" " ipa_hostname = myhost.example.com\n" msgstr "" +" [domain/example.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.example.com\n" +" ipa_hostname = myhost.example.com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:564 @@ -4968,16 +5748,22 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sssd</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.8.xml:10 sssd.8.xml:15 msgid "sssd" -msgstr "" +msgstr "sssd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.8.xml:16 msgid "System Security Services Daemon" -msgstr "" +msgstr "System Security Services Daemon" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sssd.8.xml:21 @@ -4985,6 +5771,8 @@ msgid "" "<command>sssd</command> <arg choice='opt'> <replaceable>options</" "replaceable> </arg>" msgstr "" +"<command>sssd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:31 @@ -5004,47 +5792,51 @@ msgid "" "<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" "replaceable>" msgstr "" +"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:53 msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" +msgstr "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:57 msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" +msgstr "<emphasis>1</emphasis>: デバッグメッセージに日時を追加します" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:60 msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" +msgstr "<emphasis>0</emphasis>: デバッグメッセージで日時を無効にします" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:69 msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" +msgstr "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:73 msgid "" "<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" msgstr "" +"<emphasis>1</emphasis>: デバッグメッセージにミリ秒をタイムスタンプに追加しま" +"す" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:76 msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" +msgstr "<emphasis>0</emphasis>: 日時でマイクロ秒を無効にします" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:79 msgid "Default: 0" -msgstr "" +msgstr "初期値: 0" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:85 msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" +msgstr "<option>-f</option>,<option>--debug-to-files</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:89 @@ -5057,56 +5849,60 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:97 msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" +msgstr "<option>-D</option>,<option>--daemon</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:101 msgid "Become a daemon after starting up." -msgstr "" +msgstr "起動後にデーモンになります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:107 msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" +msgstr "<option>-i</option>,<option>--interactive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:111 msgid "Run in the foreground, don't become a daemon." -msgstr "" +msgstr "フォアグラウンドで実行して、デーモンになりません。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" -msgstr "" +msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " "consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" +"非標準の設定ファイルを指定します。初期値は <filename>/etc/sssd/sssd.conf</" +"filename> です。設定ファイルの構文とオプションは <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> マニュアルページを参照してください。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:135 msgid "<option>--version</option>" -msgstr "" +msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:139 msgid "Print version number and exit." -msgstr "" +msgstr "バージョン番号を表示して終了します。" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.8.xml:147 msgid "Signals" -msgstr "" +msgstr "シグナル" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:150 msgid "SIGTERM/SIGINT" -msgstr "" +msgstr "SIGTERM/SIGINT" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:153 @@ -5114,11 +5910,13 @@ msgid "" "Informs the SSSD to gracefully terminate all of its child processes and then " "shut down the monitor." msgstr "" +"SSSD にすべての子プロセスを穏やかに停止するよう通知して、モニターをシャットダ" +"ウンします。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:159 msgid "SIGHUP" -msgstr "" +msgstr "SIGHUP" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:162 @@ -5127,11 +5925,14 @@ msgid "" "close and reopen them. This is meant to facilitate log rolling with programs " "like logrotate." msgstr "" +"SSSD が現在のデバッグファイルディスクリプターに書き込むことを止めて、それらを" +"閉じてから開きなおすよう指示します。これは logrotate のようなプログラムを用い" +"てログローテーションを促進することを意味します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:170 msgid "SIGUSR1" -msgstr "" +msgstr "SIGUSR1" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:173 @@ -5139,11 +5940,13 @@ msgid "" "Tells the SSSD to simulate offline operation for one minute. This is mostly " "useful for testing purposes." msgstr "" +"SSSD に 1 分間オフライン操作をシミュレーションするよう指示します。テスト目的" +"のためにほぼ有用です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:179 msgid "SIGUSR2" -msgstr "" +msgstr "SIGUSR2" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:182 @@ -5151,6 +5954,7 @@ msgid "" "Tells the SSSD to go online immediately. This is mostly useful for testing " "purposes." msgstr "" +"SSSD に直ちにオンラインになるよう指示します。テスト目的のためにほぼ有用です。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.8.xml:193 @@ -5167,16 +5971,27 @@ msgid "" "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 msgid "sss_obfuscate" -msgstr "" +msgstr "sss_obfuscate" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_obfuscate.8.xml:16 msgid "obfuscate a clear text password" -msgstr "" +msgstr "平文パスワードをわかりにくくする" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_obfuscate.8.xml:21 @@ -5185,6 +6000,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" "replaceable></arg>" msgstr "" +"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" +"replaceable></arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:32 @@ -5193,6 +6011,8 @@ msgid "" "unreadable format and places it into appropriate domain section of the SSSD " "config file." msgstr "" +"<command>sss_obfuscate</command> は、与えられたパスワードを人間が読みにくい形" +"式に変換して、SSSD 設定ファイルの適切なドメインセクションに置きます。" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:37 @@ -5205,6 +6025,13 @@ msgid "" "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more details on these parameters." msgstr "" +"平文のパスワードは、標準入力から読み込まれます、または対話的に入力されます。" +"解読しにくくされたパスワードが指定された SSSD ドメインの " +"<quote>ldap_default_authtok</quote> パラメータに置かれます。また " +"<quote>ldap_default_authtok_type</quote> パラメーターが " +"<quote>obfuscated_password</quote> に設定されます。これらのパラメーターの詳細" +"は <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:49 @@ -5219,19 +6046,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:63 msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" +msgstr "<option>-s</option>,<option>--stdin</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:67 msgid "The password to obfuscate will be read from standard input." -msgstr "" +msgstr "解読しにくくするパスワードが標準入力から読み込まれます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" msgstr "" +"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:79 @@ -5239,22 +6069,25 @@ msgid "" "The SSSD domain to use the password in. The default name is <quote>default</" "quote>." msgstr "" +"パスワードに使用する SSSD ドメインです。名前の初期値は <quote>default</" +"quote> です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:86 msgid "" "<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" msgstr "" +"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:91 msgid "Read the config file specified by the positional parameter." -msgstr "" +msgstr "位置パラメーターにより指定された設定ファイルを読み込みます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:95 msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" +msgstr "初期値: <filename>/etc/sssd/sssd.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:105 @@ -5262,16 +6095,18 @@ msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_useradd.8.xml:10 sss_useradd.8.xml:15 msgid "sss_useradd" -msgstr "" +msgstr "sss_useradd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_useradd.8.xml:16 msgid "create a new user" -msgstr "" +msgstr "新しいユーザーを作成する" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_useradd.8.xml:21 @@ -5280,6 +6115,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" +"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_useradd.8.xml:32 @@ -5287,12 +6125,15 @@ msgid "" "<command>sss_useradd</command> creates a new user account using the values " "specified on the command line plus the default values from the system." msgstr "" +"<command>sss_useradd</command> は、コマンドラインにおいて指定された値とシステ" +"ムの初期値を使用して、新しいユーザーを作成します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:43 msgid "" "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" msgstr "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:48 @@ -5300,6 +6141,8 @@ msgid "" "Set the UID of the user to the value of <replaceable>UID</replaceable>. If " "not given, it is chosen automatically." msgstr "" +"ユーザーの UID を <replaceable>UID</replaceable> の値を設定します。与えられな" +"いと、自動的に選択されます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:55 sss_usermod.8.xml:43 @@ -5307,6 +6150,8 @@ msgid "" "<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" "replaceable>" msgstr "" +"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:60 sss_usermod.8.xml:48 @@ -5314,6 +6159,8 @@ msgid "" "Any text string describing the user. Often used as the field for the user's " "full name." msgstr "" +"ユーザーを説明している任意のテキスト文字列です。しばしばユーザーの完全名の項" +"目として使用されます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:67 sss_usermod.8.xml:55 @@ -5321,6 +6168,8 @@ msgid "" "<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" "replaceable>" msgstr "" +"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:72 @@ -5331,12 +6180,18 @@ msgid "" "<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" "baseDirectory</quote> setting in sssd.conf." msgstr "" +"ユーザーアカウントのホームディレクトリーです。初期値は <filename>/home</" +"filename> に <replaceable>LOGIN</replaceable> の名前を追加して、ホームディレ" +"クトリーとして使用します。 <replaceable>LOGIN</replaceable> の前につけるベー" +"スは sssd.conf において <quote>user_defaults/baseDirectory</quote> 設定で変更" +"できます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:82 sss_usermod.8.xml:66 msgid "" "<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" msgstr "" +"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:87 @@ -5345,6 +6200,9 @@ msgid "" "filename>. The default can be changed with <quote>user_defaults/" "defaultShell</quote> setting in sssd.conf." msgstr "" +"ユーザーのログインシェルです。初期値は現在 <filename>/bin/bash</filename> で" +"す。初期値は sssd.conf において <quote>user_defaults/defaultShell</quote> で" +"変更できます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:96 @@ -5352,16 +6210,18 @@ msgid "" "<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" "replaceable>" msgstr "" +"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:101 msgid "A list of existing groups this user is also a member of." -msgstr "" +msgstr "このユーザーがメンバーである既存のユーザーの一覧です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:107 msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" +msgstr "<option>-m</option>,<option>--create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:111 @@ -5370,17 +6230,20 @@ msgid "" "directories contained in the skeleton directory (which can be defined with " "the -k option or in the config file) will be copied to the home directory." msgstr "" +"ユーザーのホームディレクトリーが存在しなければ、それを作成します。(-k オプ" +"ションまたは設定ファイルで定義できる)スケルトンディレクトリーにあるファイル" +"とディレクトリーがホームディレクトリーにコピーされます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:121 msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" +msgstr "<option>-M</option>,<option>--no-create-home</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:125 msgid "" "Do not create the user's home directory. Overrides configuration settings." -msgstr "" +msgstr "ユーザーのホームディレクトリーを作成しません。設定を上書きします。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:132 @@ -5388,6 +6251,8 @@ msgid "" "<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" "replaceable>" msgstr "" +"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" +"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:137 @@ -5396,6 +6261,9 @@ msgid "" "the user's home directory, when the home directory is created by " "<command>sss_useradd</command>." msgstr "" +"スケルトンディレクトリーです。ホームディレクトリーが <command>sss_useradd</" +"command> により作成されるとき、ユーザーのホームディレクトリーにコピーされる" +"ファイルとディレクトリーを含みます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:143 @@ -5404,6 +6272,9 @@ msgid "" "home</option>) option is specified, or creation of home directories is set " "to TRUE in the configuration." msgstr "" +"<option>-m</option> (または <option>--create-home</option>) オプションが指定" +"されたとき、またはホームディレクトリーの作成が設定において TRUE に設定されて" +"いる場合のみ、このオプションが有効です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_useradd.8.xml:152 sss_usermod.8.xml:124 @@ -5411,6 +6282,8 @@ msgid "" "<option>-Z</option>,<option>--selinux-user</option> " "<replaceable>SELINUX_USER</replaceable>" msgstr "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_useradd.8.xml:157 @@ -5418,6 +6291,8 @@ msgid "" "The SELinux user for the user's login. If not specified, the system default " "will be used." msgstr "" +"ユーザーがログインする際の SELinux ユーザーです。未指定の場合、システムの初期" +"値を使います。" #. type: Content of: <reference><refentry><refsect1><para> #: sss_useradd.8.xml:169 @@ -5432,11 +6307,20 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 msgid "sssd-krb5" -msgstr "" +msgstr "sssd-krb5" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:23 @@ -5448,6 +6332,12 @@ msgid "" "the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page" msgstr "" +"このマニュアルは <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> に対する Kerberos 5 認証バックエンド" +"の設定を説明しています。詳細な構文の参考資料は、<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> マニュアルページの <quote>ファイル形式</quote> セクションを参照" +"してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:36 @@ -5480,18 +6370,21 @@ msgid "" "<command>sssd</command> will construct a UPN using the format " "<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." msgstr "" +"UPN が識別バックエンド <command>sssd</command> において利用できない場合は、形" +"式 <replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable> " +"を使用して UPN を構築します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:106 msgid "" "The name of the Kerberos realm. This option is required and must be " "specified." -msgstr "" +msgstr "Kerberos レルムの名前です。このオプションは指定する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:113 msgid "krb5_kpasswd (string)" -msgstr "" +msgstr "krb5_kpasswd (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:116 @@ -5513,12 +6406,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:129 msgid "Default: Use the KDC" -msgstr "" +msgstr "初期値: KDC を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:135 msgid "krb5_ccachedir (string)" -msgstr "" +msgstr "krb5_ccachedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:138 @@ -5535,62 +6428,62 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:151 msgid "Default: /tmp" -msgstr "" +msgstr "初期値: /tmp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:157 msgid "krb5_ccname_template (string)" -msgstr "" +msgstr "krb5_ccname_template (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:171 msgid "login UID" -msgstr "" +msgstr "ログイン UID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:174 msgid "%p" -msgstr "" +msgstr "%p" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:175 msgid "principal name" -msgstr "" +msgstr "プリンシパル名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:179 msgid "%r" -msgstr "" +msgstr "%r" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:180 msgid "realm name" -msgstr "" +msgstr "レルム名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:183 msgid "%h" -msgstr "" +msgstr "%h" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:184 msgid "home directory" -msgstr "" +msgstr "ホームディレクトリー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:189 msgid "value of krb5ccache_dir" -msgstr "" +msgstr "krb5ccache_dir の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:194 msgid "%P" -msgstr "" +msgstr "%P" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:195 msgid "the process ID of the sssd client" -msgstr "" +msgstr "sssd クライアントのプロセス ID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:160 @@ -5605,12 +6498,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:209 msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" +msgstr "初期値: FILE:%d/krb5cc_%U_XXXXXX" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:215 msgid "krb5_auth_timeout (integer)" -msgstr "" +msgstr "krb5_auth_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:218 @@ -5618,11 +6511,13 @@ msgid "" "Timeout in seconds after an online authentication or change password request " "is aborted. If possible the authentication request is continued offline." msgstr "" +"オンライン認証またはパスワード変更要求が中止された後の秒単位のタイムアウトで" +"す。可能ならば、認証要求がオフラインで継続されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:241 msgid "krb5_keytab (string)" -msgstr "" +msgstr "krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:244 @@ -5630,16 +6525,18 @@ msgid "" "The location of the keytab to use when validating credentials obtained from " "KDCs." msgstr "" +"KDC から取得したクレディンシャルを検証するときに使用されるキーテーブルの場所" +"です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:248 msgid "Default: /etc/krb5.keytab" -msgstr "" +msgstr "初期値: /etc/krb5.keytab" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:254 msgid "krb5_store_password_if_offline (boolean)" -msgstr "" +msgstr "krb5_store_password_if_offline (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:257 @@ -5647,6 +6544,8 @@ msgid "" "Store the password of the user if the provider is offline and use it to " "request a TGT when the provider gets online again." msgstr "" +"プロバイダーがオフラインの場合にユーザーのパスワードを保存して、プロバイダー" +"が再びオンラインになったときに TGT を要求するために使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:262 @@ -5659,7 +6558,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:275 msgid "krb5_renewable_lifetime (string)" -msgstr "" +msgstr "krb5_renewable_lifetime (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:278 @@ -5671,27 +6570,27 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 msgid "<emphasis>s</emphasis> seconds" -msgstr "" +msgstr "<emphasis>s</emphasis> 秒" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 msgid "<emphasis>m</emphasis> minutes" -msgstr "" +msgstr "<emphasis>m</emphasis> 分" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 msgid "<emphasis>h</emphasis> hours" -msgstr "" +msgstr "<emphasis>h</emphasis> 時" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 msgid "<emphasis>d</emphasis> days." -msgstr "" +msgstr "<emphasis>d</emphasis> 日。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" +msgstr "デリミター <emphasis>s</emphasis> がないと仮定されている場合です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:299 @@ -5700,16 +6599,18 @@ msgid "" "renewable lifetime to one and a half hours please use '90m' instead of " "'1h30m'." msgstr "" +"単位は混在できないことに注意してください。更新可能な生存期間を1時間半に設定し" +"たければ、 '1h30m' の代わりに '90m' を使用してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:305 msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" +msgstr "初期値: 設定されません、つまり TGT は更新可能ではありません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:311 msgid "krb5_lifetime (string)" -msgstr "" +msgstr "krb5_lifetime (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:314 @@ -5724,17 +6625,21 @@ msgid "" "Please note that it is not possible to mix units. If you want to set the " "lifetime to one and a half hours please use '90m' instead of '1h30m'." msgstr "" +"単位は混在できないことに注意してください。更新可能な生存期間を1時間半に設定し" +"たければ、 '1h30m' の代わりに '90m' を使用してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:340 msgid "" "Default: not set, i.e. the default ticket lifetime configured on the KDC." msgstr "" +"初期値: 設定されません、つまり KDC において設定されているチケット有効期間の初" +"期値です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:347 msgid "krb5_renew_interval (integer)" -msgstr "" +msgstr "krb5_renew_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:350 @@ -5742,16 +6647,20 @@ msgid "" "The time in seconds between two checks if the TGT should be renewed. TGTs " "are renewed if about half of their lifetime is exceeded." msgstr "" +"TGT を更新すべきかを確認する秒単位の間隔。生存期間の半分が超えていると、 TGT " +"は更新されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:355 msgid "If this option is not set or 0 the automatic renewal is disabled." msgstr "" +"このオプションが設定されていない場合、または 0 に設定されている場合、自動更新" +"は無効にされます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:365 msgid "krb5_use_fast (string)" -msgstr "" +msgstr "krb5_use_fast (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:368 @@ -5759,6 +6668,8 @@ msgid "" "Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" "authentication. The following options are supported:" msgstr "" +"Kerberos の事前認証のために flexible authentication secure tunneling (FAST) " +"を有効化します。以下のオプションがサポートされます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:373 @@ -5766,6 +6677,8 @@ msgid "" "<emphasis>never</emphasis> use FAST, this is equivalent to not set this " "option at all." msgstr "" +"<emphasis>never</emphasis> は FAST を使用します、このオプションを何も設定しな" +"いことと同等です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:377 @@ -5773,6 +6686,8 @@ msgid "" "<emphasis>try</emphasis> to use FAST, if the server does not support fast " "continue without." msgstr "" +"<emphasis>try</emphasis> は FAST を使用します。サーバーが fast をサポートして" +"いなければ、続行しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:381 @@ -5780,16 +6695,18 @@ msgid "" "<emphasis>demand</emphasis> to use FAST, fail if the server does not require " "fast." msgstr "" +"<emphasis>demand</emphasis> は FAST を使用します、サーバーが fast を要求しな" +"ければ失敗します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:385 msgid "Default: not set, i.e. FAST is not used." -msgstr "" +msgstr "初期値: 設定されません、つまり FAST が使用されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:388 msgid "Please note that a keytab is required to use fast." -msgstr "" +msgstr "キーテーブルが fast を使用する必要があることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:391 @@ -5798,16 +6715,19 @@ msgid "" "and above. If sssd used with an older version using this option is a " "configuration error." msgstr "" +"sssd は MIT Kerberos バージョン 1.8 およびそれ以上のみで fast をサポートする" +"ことに注意してください。 sssd が古いバージョンで使用していると、このオプショ" +"ンは設定エラーになります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:400 msgid "krb5_fast_principal (string)" -msgstr "" +msgstr "krb5_fast_principal (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:403 msgid "Specifies the server principal to use for FAST." -msgstr "" +msgstr "FAST に対して使用するサーバープリンシパルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:412 @@ -5815,6 +6735,8 @@ msgid "" "Specifies if the host and user principal should be canonicalized. This " "feature is available with MIT Kerberos >= 1.7" msgstr "" +"ホストおよびユーザーのプリンシパルが正規化されるかどうかを指定します。この機" +"能は MIT Kerberos >= 1.7 にて利用可能です。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 @@ -5825,6 +6747,11 @@ msgid "" "SECTIONS</quote> for details on the configuration of a SSSD domain. " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"認証モジュール krb5 が SSSD ドメインにおいて使用されていると、以下のオプショ" +"ンが使用される必要があります。 SSSD ドメインの設定における詳細は " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> マニュアルページの <quote>ドメインセクション</" +"quote> を参照してください。 <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:434 @@ -5844,6 +6771,10 @@ msgid "" " krb5_server = 192.168.1.1\n" " krb5_realm = EXAMPLE.COM\n" msgstr "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXAMPLE.COM\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:453 @@ -5853,16 +6784,20 @@ msgid "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 msgid "sss_groupadd" -msgstr "" +msgstr "sss_groupadd" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupadd.8.xml:16 msgid "create a new group" -msgstr "" +msgstr "新しいグループを作成する" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupadd.8.xml:21 @@ -5871,6 +6806,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:32 @@ -5879,12 +6817,16 @@ msgid "" "compatible with POSIX groups, with the additional feature that they can " "contain other groups as members." msgstr "" +"<command>sss_groupadd</command> が新しいグループを作成します。これらのグルー" +"プは POSIX グループと互換性があり、他のグループをメンバーとして含められる追加" +"機能と互換性があります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupadd.8.xml:43 msgid "" "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" msgstr "" +"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupadd.8.xml:48 @@ -5892,6 +6834,8 @@ msgid "" "Set the GID of the group to the value of <replaceable>GID</replaceable>. If " "not given, it is chosen automatically." msgstr "" +"グループの GID を <replaceable>GID</replaceable> の値に設定します。与えられな" +"いと、自動的に選択されます。" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:60 @@ -5906,16 +6850,25 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_userdel.8.xml:10 sss_userdel.8.xml:15 msgid "sss_userdel" -msgstr "" +msgstr "sss_userdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_userdel.8.xml:16 msgid "delete a user account" -msgstr "" +msgstr "ユーザーアカウントを削除する" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_userdel.8.xml:21 @@ -5924,6 +6877,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" +"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:32 @@ -5931,11 +6887,13 @@ msgid "" "<command>sss_userdel</command> deletes a user identified by login name " "<replaceable>LOGIN</replaceable> from the system." msgstr "" +"<command>sss_userdel</command> はログイン名 <replaceable>LOGIN</replaceable> " +"により識別されるユーザーをシステムから削除します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:44 msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" +msgstr "<option>-r</option>,<option>--remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:48 @@ -5943,11 +6901,13 @@ msgid "" "Files in the user's home directory will be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" +"ユーザーのホームディレクトリーにあるファイルは、それ自身のホームディレクト" +"リーとユーザーのメールスプールとともに削除されます。設定が上書きされます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:56 msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" +msgstr "<option>-R</option>,<option>--no-remove</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:60 @@ -5955,11 +6915,13 @@ msgid "" "Files in the user's home directory will NOT be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" +"ユーザーのホームディレクトリーにあるファイルは、それ自身のホームディレクト" +"リーとユーザーのメールスプールとともに削除されません。設定が上書きされます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:68 msgid "<option>-f</option>,<option>--force</option>" -msgstr "" +msgstr "<option>-f</option>,<option>--force</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:72 @@ -5967,16 +6929,19 @@ msgid "" "This option forces <command>sss_userdel</command> to remove the user's home " "directory and mail spool, even if they are not owned by the specified user." msgstr "" +"このオプションは、指定されたユーザーにより所有されていないものさえ、" +"<command>sss_userdel</command> がユーザーのホームディレクトリーとメールスプー" +"ルを削除するよう強制します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:80 msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" +msgstr "<option>-k</option>,<option>--kick</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:84 msgid "Before actually deleting the user, terminate all his processes." -msgstr "" +msgstr "実際にユーザーを削除する前に、そのプロセスをすべて停止します。" #. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:95 @@ -5991,16 +6956,25 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 msgid "sss_groupdel" -msgstr "" +msgstr "sss_groupdel" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupdel.8.xml:16 msgid "delete a group" -msgstr "" +msgstr "グループを削除する" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupdel.8.xml:21 @@ -6009,6 +6983,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:32 @@ -6016,6 +6993,8 @@ msgid "" "<command>sss_groupdel</command> deletes a group identified by its name " "<replaceable>GROUP</replaceable> from the system." msgstr "" +"<command>sss_groupdel</command> は名前 <replaceable>GROUP</replaceable> によ" +"り識別されるグループをシステムから削除します。" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:48 @@ -6030,16 +7009,25 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 msgid "sss_groupshow" -msgstr "" +msgstr "sss_groupshow" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupshow.8.xml:16 msgid "print properties of a group" -msgstr "" +msgstr "グループのプロパティーを表示します" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupshow.8.xml:21 @@ -6048,6 +7036,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" "arg>" msgstr "" +"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupshow.8.xml:32 @@ -6056,11 +7047,14 @@ msgid "" "identified by its name <replaceable>GROUP</replaceable>. The information " "includes the group ID number, members of the group and the parent group." msgstr "" +"<command>sss_groupshow</command> はその名前 <replaceable>GROUP</replaceable> " +"により識別されるグループに関する情報を表示します。情報はグループ ID 番号、グ" +"ループのメンバーおよび親グループを含みます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupshow.8.xml:43 msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" +msgstr "<option>-R</option>,<option>--recursive</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupshow.8.xml:47 @@ -6082,16 +7076,24 @@ msgid "" "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_usermod.8.xml:10 sss_usermod.8.xml:15 msgid "sss_usermod" -msgstr "" +msgstr "sss_usermod" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_usermod.8.xml:16 msgid "modify a user account" -msgstr "" +msgstr "ユーザーアカウントを修正します" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_usermod.8.xml:21 @@ -6100,6 +7102,9 @@ msgid "" "replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" "arg>" msgstr "" +"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" #. type: Content of: <reference><refentry><refsect1><para> #: sss_usermod.8.xml:32 @@ -6108,16 +7113,19 @@ msgid "" "<replaceable>LOGIN</replaceable> to reflect the changes that are specified " "on the command line." msgstr "" +"<command>sss_usermod</command> は、コマンドラインにおいて指定された変更を反映" +"するために、 <replaceable>LOGIN</replaceable> により指定されたアカウントを変" +"更します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:60 msgid "The home directory of the user account." -msgstr "" +msgstr "ユーザーアカウントのホームディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:71 msgid "The user's login shell." -msgstr "" +msgstr "ユーザーのログインシェルです。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:82 @@ -6126,38 +7134,41 @@ msgid "" "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " "a comma separated list of group names." msgstr "" +"このユーザーを <replaceable>GROUPS</replaceable> パラメーターにより指定された" +"グループに追加します。 <replaceable>GROUPS</replaceable> パラメーターはグルー" +"プ名のカンマ区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:96 msgid "" "Remove this user from groups specified by the <replaceable>GROUPS</" "replaceable> parameter." -msgstr "" +msgstr "<replaceable>GROUPS</replaceable> " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:103 msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" +msgstr "<option>-l</option>,<option>--lock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:107 msgid "Lock the user account. The user won't be able to log in." -msgstr "" +msgstr "ユーザーアカウントをロックします。ユーザーはログインできなくなります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:114 msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" +msgstr "<option>-u</option>,<option>--unlock</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:118 msgid "Unlock the user account." -msgstr "" +msgstr "ユーザーアカウントのロックを解除します。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:129 msgid "The SELinux user for the user's login." -msgstr "" +msgstr "ユーザーのログインのための SELinux ユーザーです。" #. type: Content of: <reference><refentry><refsect1><para> #: sss_usermod.8.xml:140 @@ -6172,11 +7183,421 @@ msgid "" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "sss_cache" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "キャッシュクリーンアップを実行する" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" +"<command>sss_cache</command> は SSSD キャッシュにあるレコードを無効にします。" +"無効化されたレコードは、関連する SSSD バックエンドがオンラインになるとすぐ" +"に、サーバーから強制的に再読み込みされます。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "特定のユーザーを無効にします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "<option>-U</option>,<option>--users</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" +"すべてのユーザーレコードを無効にします。このオプションも設定されていると、こ" +"れが特定のユーザーの無効化を上書きします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "特定のグループを無効にします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "<option>-G</option>,<option>--groups</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" +"すべてのグループレコードを無効にします。このオプションも設定されていると、こ" +"れが特定のグループの無効化を上書きします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "特定のネットワークグループを無効にします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "<option>-N</option>,<option>--netgroups</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" +"すべてのネットワークグループレコードを無効にします。このオプションが設定され" +"ていると、これが特定のネットワークグループの無効化を上書きします。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "無効化プロセスを特定のドメインのみに制限します。" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "sss_debuglevel" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "SSSD が実行中にデバッグレベルを変更する" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" +"<command>sss_debuglevel</command> は SSSD が実行中に SSSD モニターとプロバイ" +"ダーのデバッグレベルを <replaceable>NEW_DEBUG_LEVEL</replaceable> に変更しま" +"す。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "<replaceable>NEW_DEBUG_LEVEL</replaceable>" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "sss_ssh_authorizedkeys" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "1" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "OpenSSH 認可キーを取得する" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" +"<command>sss_ssh_authorizedkeys</command> はユーザー <replaceable>USER</" +"replaceable> の SSH 公開鍵を取得して、 OpenSSH authorized_keys 形式に出力しま" +"す (詳細は <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> の <quote>AUTHORIZED_KEYS FILE FORMAT</quote> セク" +"ションを参照してください)。" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> は、 <quote>AuthorizedKeysCommand</quote> または " +"<quote>PubkeyAgent</quote> <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle> <manvolnum>5</manvolnum></citerefentry> オプションのサポート付" +"きでコンパイルされていると、公開鍵ユーザー認証のために " +"<command>sss_ssh_authorizedkeys</command> を使用するために設定できます。" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"<quote>AuthorizedKeysCommand</quote> がサポートされていると、 " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> は <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> に以下のディレクティブを置くことによ" +"り、これを使用するために設定できます: <placeholder type=\"programlisting\" " +"id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" +"<quote>PubkeyAgent</quote> がサポートされていると、 " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> は <citerefentry> <refentrytitle>sshd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> 設定に以下のディレクティブを置くこと" +"により、これを使用するために設定できます: <placeholder type=\"programlisting" +"\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" +"SSSD ドメイン <replaceable>DOMAIN</replaceable> にあるユーザーの公開鍵を検索" +"します。" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "sss_ssh_knownhostsproxy" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "OpenSSH ホストキーを取得します" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" +"<command>sss_ssh_knownhostsproxy</command> はホスト <replaceable>HOST</" +"replaceable> の SSH ホスト鍵を取得して、個別の OpenSSH known_hosts ファイル " +"(詳細は <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> の <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> セク" +"ションを参照してください) <filename>/var/lib/sss/pubconf/known_hosts</" +"filename> に保存して、ホストへの接続を確立します。" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" +"<replaceable>PROXY_COMMAND</replaceable> が指定されていると、ソケットを開く代" +"わりにホストへの接続を作成するために使用されます。" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> は <citerefentry><refentrytitle>ssh</refentrytitle> " +"<manvolnum>1</manvolnum></citerefentry> 設定に対して以下のディレクティブを使" +"用することにより、ホストキー認証に <command>sss_ssh_knownhostsproxy</" +"command> を使用するために設定できます: <placeholder type=\"programlisting\" " +"id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" +"ホストに接続するためにポート <replaceable>PORT</replaceable> を使用します。初" +"期値ではポート 22 が使用されます。" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" +"SSSD ドメイン <replaceable>DOMAIN</replaceable> においてホスト公開鍵を検索し" +"ます。" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" -msgstr "" +msgstr "サービス検索" #. type: Content of: <refsect1><para> #: include/service_discovery.xml:4 @@ -6184,11 +7605,13 @@ msgid "" "The service discovery feature allows back ends to automatically find the " "appropriate servers to connect to using a special DNS query." msgstr "" +"サービス探索機能により、バックエンドが特別な DNS 問い合わせを使用して、接続す" +"るための適切なサービスを自動的に検索できます。" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:9 msgid "Configuration" -msgstr "" +msgstr "設定" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:11 @@ -6205,7 +7628,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:23 msgid "The domain name" -msgstr "" +msgstr "ドメイン名" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:25 @@ -6214,11 +7637,14 @@ msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for more details." msgstr "" +"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> マニュアルページにある " +"<quote>dns_discovery_domain</quote> パラメーターを参照してください。" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:35 msgid "The protocol" -msgstr "" +msgstr "プロトコル" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:37 @@ -6226,27 +7652,29 @@ msgid "" "The queries usually specify _tcp as the protocol. Exceptions are documented " "in respective option description." msgstr "" +"問い合わせは通常プロトコルとして _tcp を指定します。その他はそれぞれのオプ" +"ションの説明にドキュメント化されています。" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:42 msgid "See Also" -msgstr "" +msgstr "関連項目" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:44 msgid "" "For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" +msgstr "サービス検索メカニズムに関する詳細は RFC 2782 を参照してください。" #. type: Content of: outside any tag (error?) #: include/upstream.xml:1 msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>" #. type: Content of: <refsect1><title> #: include/failover.xml:2 msgid "FAILOVER" -msgstr "" +msgstr "フェイルオーバー" #. type: Content of: <refsect1><para> #: include/failover.xml:4 @@ -6254,11 +7682,13 @@ msgid "" "The failover feature allows back ends to automatically switch to a different " "server if the primary server fails." msgstr "" +"フェイルオーバー機能はプライマリーサーバーが停止した場合にバックエンドが異な" +"るサーバーに自動的に切り替えられるようにします。" #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:8 msgid "Failover Syntax" -msgstr "" +msgstr "フェイルオーバーの構文" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:10 @@ -6267,11 +7697,14 @@ msgid "" "is allowed around the comma. The servers are listed in order of preference. " "The list can contain any number of servers." msgstr "" +"サーバーの一覧がカンマ区切り一覧として与えられます。カンマの前後で空白はいく" +"つでも許されます。サーバーは性能の順番で一覧化されます。一覧はサーバーをいく" +"つでも含められます。" #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:17 msgid "The Failover Mechanism" -msgstr "" +msgstr "フェイルオーバーのメカニズム" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:19 @@ -6305,9 +7738,141 @@ msgstr "" #. type: Content of: <varlistentry><term> #: include/param_help.xml:3 msgid "<option>-h</option>,<option>--help</option>" -msgstr "" +msgstr "<option>-h</option>,<option>--help</option>" #. type: Content of: <varlistentry><listitem><para> #: include/param_help.xml:7 msgid "Display help message and exit." +msgstr "ヘルプメッセージを表示して終了します。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" +"デバッグレベルを指示するビットマスクは見ることができます。 0x0010 は初期値で" +"あり、利用できる最小値です。 0xFFF0 は最も冗長なモードです。この設定は設定" +"ファイルの設定により上書きされます。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "現在サポートされるデバッグレベル:" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" +"<emphasis>0x0010</emphasis>: 致命的なエラー。 SSSD が開始するのを妨げる、また" +"は実行を中断させることすべてです。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" +"<emphasis>0x0020</emphasis>: 重大なエラー。 SSSD が強制停止しないが、複数の機" +"能が正しく動作しないエラーです。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" +"<emphasis>0x0040</emphasis>: 深刻なエラー。特定の要求や操作が失敗したことを通" +"知するエラーです。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" +"<emphasis>0x0080</emphasis>: 軽微なエラー。これらは 2 の操作失敗を引き起こす" +"よう下にしみだすエラーです。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "<emphasis>0x0100</emphasis>: 設定値の設定です。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "<emphasis>0x0200</emphasis>: 関数のデータです。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "<emphasis>0x0400</emphasis>: 操作関数のトレースメッセージです。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "<emphasis>0x1000</emphasis>: 内部制御関数のトレースメッセージです。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" +"<emphasis>0x2000</emphasis>: 興味があるかもしれない関数の内部変数の内容です。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "<emphasis>0x4000</emphasis>: 極めて低レベルのトレース情報です。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" +"必要となるデバッグレベルをログに取得するには、以下の例に示されるようにこれら" +"の数字を単に追加します:" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" +"<emphasis>例</emphasis>: 致命的なエラー、重大なエラー、深刻なエラーおよび関数" +"データをログに取得するには 0x0270 を使用します。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" +"<emphasis>例</emphasis>: 致命的なエラー、設定値の設定、関数データ、内部制御関" +"数のトレースメッセージをログに取得するには 0x1310 を使用します。" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" +"<emphasis>注</emphasis>: これは 1.7.0 において導入されたデバッグレベルの新し" +"い形式です。古い形式(0-10 の数字)は互換性がありますが、推奨されません。" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" msgstr "" +"<emphasis> これは実験的な機能です、何らかの問題を報告するには http://" +"fedorahosted.org/sssd を使用してください。 </emphasis>" diff --git a/src/man/po/ja_JP.po b/src/man/po/ja_JP.po deleted file mode 100644 index 9d4f68bcf..000000000 --- a/src/man/po/ja_JP.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: LANGUAGE <LL@li.org>\n" -"Language: ja_JP\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/ko.po b/src/man/po/ko.po deleted file mode 100644 index e6ba72c88..000000000 --- a/src/man/po/ko.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Korean (http://www.transifex.net/projects/p/fedora/team/ko/)\n" -"Language: ko\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/lt.po b/src/man/po/lt.po deleted file mode 100644 index db5d14bae..000000000 --- a/src/man/po/lt.po +++ /dev/null @@ -1,6315 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Lithuanian (http://www.transifex.net/projects/p/fedora/team/" -"lt/)\n" -"Language: lt\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n" -"%100<10 || n%100>=20) ? 1 : 2)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/nb.po b/src/man/po/nb.po deleted file mode 100644 index 5f32be07c..000000000 --- a/src/man/po/nb.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n" -"Language: nb\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/nl.po b/src/man/po/nl.po index a8e2562bd..914f8c4d8 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -8,10 +8,11 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2011-12-21 10:12+0000\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-08 11:52+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" -"Language-Team: Dutch (http://www.transifex.net/projects/p/fedora/team/nl/)\n" +"Language-Team: Dutch (http://www.transifex.net/projects/p/fedora/language/" +"nl/)\n" "Language: nl\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -23,7 +24,9 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "SSSD handleiding" @@ -36,7 +39,8 @@ msgstr "sss_groupmod" #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" msgstr "8" @@ -62,6 +66,8 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "OMSCHRIJVING" @@ -78,6 +84,8 @@ msgstr "" #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "OPTIES" @@ -120,12 +128,13 @@ msgstr "" "replaceable> parameter." #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" msgstr "ZIE OOK" @@ -255,7 +264,7 @@ msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "Sectie parameters" @@ -518,7 +527,7 @@ msgid "Add a timestamp to the debug messages" msgstr "Voeg een tijdstempel toe aan de debugberichten" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" msgstr "Standaard: true" @@ -534,7 +543,7 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 @@ -543,11 +552,31 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 +msgid "fd_limit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:273 +msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 msgid "command (string)" msgstr "command (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 +#: sssd.conf.5.xml:290 msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " @@ -556,17 +585,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" msgstr "Standaard: <command>sssd_${service_name}</command>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" msgstr "NSS configuratie-opties" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -574,12 +603,12 @@ msgstr "" "configurere." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -588,17 +617,17 @@ msgstr "" "over alle gebruikers)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" msgstr "Standaard: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -606,7 +635,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -616,7 +645,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -625,17 +654,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -643,17 +672,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -662,78 +691,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " @@ -741,138 +770,138 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -880,59 +909,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -940,7 +969,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -949,17 +978,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -967,33 +996,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -#, fuzzy -#| msgid "NSS configuration options" +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" -msgstr "NSS configuratie-opties" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -#, fuzzy -#| msgid "These options can be used to configure any service." +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." -msgstr "Deze opties kunnen gebruikt worden om services te configureren." +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " @@ -1001,7 +1024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " @@ -1010,81 +1033,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -#, fuzzy -#| msgid "Default: 120" +#: sssd.conf.5.xml:645 msgid "Default: 180" -msgstr "Standaard: 120" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -#, fuzzy -#| msgid "debug_timestamps (bool)" +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" -msgstr "debug_timestamps (bool)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -#, fuzzy -#| msgid "NSS configuration options" +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" -msgstr "NSS configuratie-opties" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -#, fuzzy -#| msgid "These options can be used to configure any service." +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." -msgstr "Deze opties kunnen gebruikt worden om services te configureren." +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -#, fuzzy -#| msgid "entry_negative_timeout (integer)" +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" -msgstr "entry_negative_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 +#: sssd.conf.5.xml:679 msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1093,56 +1106,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1152,14 +1165,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1168,130 +1181,98 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss cache enumerations (requests for info " -#| "about all users)" +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" -"Hoeveel seconden zouden nss_sss cache enumeraties (verzoeken om informatie " -"over alle gebruikers)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss cache enumerations (requests for info " -#| "about all users)" +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" -"Hoeveel seconden zouden nss_sss cache enumeraties (verzoeken om informatie " -"over alle gebruikers)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss cache enumerations (requests for info " -#| "about all users)" +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" -"Hoeveel seconden zouden nss_sss cache enumeraties (verzoeken om informatie " -"over alle gebruikers)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss cache enumerations (requests for info " -#| "about all users)" +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" -"Hoeveel seconden zouden nss_sss cache enumeraties (verzoeken om informatie " -"over alle gebruikers)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1300,47 +1281,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1349,19 +1330,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1369,7 +1350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1377,30 +1358,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1408,17 +1389,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1427,24 +1408,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1452,7 +1433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1460,7 +1441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1468,35 +1449,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1504,31 +1485,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -#, fuzzy -#| msgid "re_expression (string)" +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1536,66 +1515,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1603,51 +1582,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -1655,29 +1634,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1685,19 +1664,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1705,73 +1684,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -1779,17 +1758,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -1798,17 +1777,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -1816,17 +1795,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -1834,18 +1813,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -1875,7 +1854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -1884,7 +1863,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -2592,10 +2571,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:622 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "ldap_purge_cache_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:625 @@ -2889,10 +2866,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 -#, fuzzy -#| msgid "Default: true" msgid "Default: ipService" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:912 @@ -2908,10 +2883,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:925 -#, fuzzy -#| msgid "full_name_format (string)" msgid "ldap_service_port (string)" -msgstr "full_name_format (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:928 @@ -2920,17 +2893,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:932 -#, fuzzy -#| msgid "Default: true" msgid "Default: ipServicePort" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:938 -#, fuzzy -#| msgid "re_expression (string)" msgid "ldap_service_proto (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:941 @@ -3454,19 +3423,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1416 -#, fuzzy -#| msgid "" -#| "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -#| "manvolnum> </citerefentry>-compatible format that describes how to " -#| "translate a (name, domain) tuple into a fully qualified name." msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" -"Een <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatibel formaat wat omschrijft hoe een tuple " -"(met name, domain) vertaald wordt in een full qualified name." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1422 @@ -3734,10 +3695,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1639 -#, fuzzy -#| msgid "OPTIONS" msgid "SUDO OPTIONS" -msgstr "OPTIES" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1644 @@ -3751,17 +3710,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1650 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoRole" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1656 -#, fuzzy -#| msgid "full_name_format (string)" msgid "ldap_sudorule_name (string)" -msgstr "full_name_format (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1659 @@ -3770,10 +3725,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1669 -#, fuzzy -#| msgid "command (string)" msgid "ldap_sudorule_command (string)" -msgstr "command (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1672 @@ -3782,10 +3735,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1676 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoCommand" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1682 @@ -3801,10 +3752,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 -#, fuzzy -#| msgid "Default: 3" msgid "Default: sudoHost" -msgstr "Standaard: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1696 @@ -3820,17 +3769,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1703 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoUser" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1709 -#, fuzzy -#| msgid "re_expression (string)" msgid "ldap_sudorule_option (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1712 @@ -3839,10 +3784,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoOption" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1722 @@ -3858,10 +3801,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1729 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoRunAsUser" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1735 @@ -3877,10 +3818,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1742 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoRunAsGroup" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1748 @@ -3896,10 +3835,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1755 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoNotBefore" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1761 @@ -3915,10 +3852,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1769 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoNotAfter" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1775 @@ -3932,10 +3867,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1782 -#, fuzzy -#| msgid "Default: true" msgid "Default: sudoOrder" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1788 @@ -3951,10 +3884,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1801 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "enum_cache_timeout (numeriek)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1804 @@ -3971,17 +3902,15 @@ msgstr "" #: sssd-ldap.5.xml:1815 msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1825 -#, fuzzy -#| msgid "OPTIONS" msgid "AUTOFS OPTIONS" -msgstr "OPTIES" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1827 @@ -4002,10 +3931,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -#, fuzzy -#| msgid "Default: true" msgid "Default: automountMap" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1847 @@ -4019,10 +3946,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 -#, fuzzy -#| msgid "Default: 3" msgid "Default: ou" -msgstr "Standaard: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1860 @@ -4856,10 +4781,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:307 -#, fuzzy -#| msgid "re_expression (string)" msgid "ipa_automount_location (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:310 @@ -5029,10 +4952,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:459 -#, fuzzy -#| msgid "Default: 3" msgid "Default: seeAlso" -msgstr "Standaard: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:464 @@ -5046,10 +4967,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:471 -#, fuzzy -#| msgid "Default: true" msgid "Default: ipaSELinuxUser" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:476 @@ -5080,10 +4999,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:495 -#, fuzzy -#| msgid "Default: true" msgid "Default: userCategory" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:500 @@ -5097,10 +5014,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:507 -#, fuzzy -#| msgid "Default: true" msgid "Default: hostCategory" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:512 @@ -5114,10 +5029,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:519 -#, fuzzy -#| msgid "Default: true" msgid "Default: ipaUniqueID" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:524 @@ -5131,10 +5044,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:531 -#, fuzzy -#| msgid "Default: true" msgid "Default: ipaSshPubKey" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:546 @@ -5271,12 +5182,12 @@ msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -5423,7 +5334,8 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" @@ -6369,6 +6281,321 @@ msgid "" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" @@ -6508,5 +6735,112 @@ msgstr "" msgid "Display help message and exit." msgstr "" -#~ msgid "Supported services: nss, pam" -#~ msgstr "Ondersteunde diensten: nss, pam" +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/nn.po b/src/man/po/nn.po deleted file mode 100644 index bcfe3c67d..000000000 --- a/src/man/po/nn.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Norwegian Nynorsk <i18n-nn@lister.ping.uio.no>\n" -"Language: nn\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/pl.po b/src/man/po/pl.po deleted file mode 100644 index 1392c60b1..000000000 --- a/src/man/po/pl.po +++ /dev/null @@ -1,6316 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2011-12-21 10:12+0000\n" -"Last-Translator: sgallagh <sgallagh@redhat.com>\n" -"Language-Team: Polish (http://www.transifex.net/projects/p/fedora/team/pl/)\n" -"Language: pl\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 " -"|| n%100>=20) ? 1 : 2)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" -"Katalog w systemie plików, w którym SSSD powinno przechowywać pliki pamięci " -"podręcznej odtwarzania Kerberosa." - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/po4a.cfg b/src/man/po/po4a.cfg index d33f5c813..3e5af7421 100644 --- a/src/man/po/po4a.cfg +++ b/src/man/po/po4a.cfg @@ -1,4 +1,4 @@ -[po4a_langs] as bs bn ca cs de el es et fa fi fr hu id it ja_JP ja ko lt nb nl nn pl pt_BR pt ru sk sq sr ta tr uk ur vi zh_CN zh_TW +[po4a_langs] cs es fr ja nl pt ru tg uk [po4a_paths] po/sssd-docs.pot $lang:po/$lang.po [type:docbook] sss_groupmod.8.xml $lang:$(builddir)/$lang/sss_groupmod.8.xml [type:docbook] sssd.conf.5.xml $lang:$(builddir)/$lang/sssd.conf.5.xml diff --git a/src/man/po/pt.po b/src/man/po/pt.po index 5c02e66f5..b7fc6895a 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -8,9 +8,9 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2011-12-21 10:12+0000\n" -"Last-Translator: Miguel Sousa <migueljorgesousa@sapo.pt>\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-08 11:52+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Portuguese <trans-pt@lists.fedoraproject.org>\n" "Language: pt\n" "MIME-Version: 1.0\n" @@ -23,7 +23,9 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Páginas de Manual de SSSD" @@ -36,7 +38,8 @@ msgstr "sss_groupmod" #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" msgstr "8" @@ -62,6 +65,8 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "DESCRIÇÃO" @@ -78,6 +83,8 @@ msgstr "" #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "Opções" @@ -120,12 +127,13 @@ msgstr "" "<replaceable>GROUPS</replaceable>." #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" msgstr "VER TAMBÉM" @@ -250,7 +258,7 @@ msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "Parâmetros de secção" @@ -490,7 +498,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" msgstr "" @@ -506,7 +514,7 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 @@ -515,12 +523,32 @@ msgstr "Padrão: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 -msgid "command (string)" +msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:273 msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 +msgid "command (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:290 +msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " "name for the service. In the vast majority of configurations, the default " @@ -528,45 +556,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -574,7 +602,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -584,7 +612,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -593,17 +621,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" msgstr "Padrão: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -611,17 +639,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -630,78 +658,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" msgstr "override_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "%u" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "nome de login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "%U" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" msgstr "Número UID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" msgstr "%d" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" msgstr "nome de domínio" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" msgstr "%f" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "nome totalmente qualificado do utilizador (utilizador@domínio)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" msgstr "%%" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "um literal '%'" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " @@ -709,138 +737,138 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" msgstr "allowed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" msgstr "vetoed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" msgstr "shell_fallback (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" msgstr "Padrão: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -848,59 +876,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" msgstr "Padrão: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -908,7 +936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -917,17 +945,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -935,31 +963,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -#, fuzzy -#| msgid "Configuration" +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" -msgstr "Configuração" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" -msgstr "entry_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " @@ -967,7 +991,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " @@ -976,77 +1000,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -#, fuzzy -#| msgid "Default: 10" +#: sssd.conf.5.xml:645 msgid "Default: 180" -msgstr "Padrão: 10" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -#, fuzzy -#| msgid "remove_homedir (bool)" +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" -msgstr "remove_homedir (bool)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -#, fuzzy -#| msgid "pam_id_timeout (integer)" +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" -msgstr "pam_id_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 +#: sssd.conf.5.xml:679 msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1055,56 +1073,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" msgstr "timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" msgstr "Padrão: 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1114,14 +1132,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1130,108 +1148,98 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" -msgstr "entry_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" -msgstr "entry_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" -msgstr "entry_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" -msgstr "entry_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" -msgstr "entry_cache_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1240,47 +1248,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" msgstr "Backends suportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1289,19 +1297,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1309,7 +1317,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1317,30 +1325,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1348,17 +1356,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1367,24 +1375,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1392,7 +1400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1400,7 +1408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1408,75 +1416,65 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -#, fuzzy -#| msgid "id_provider (string)" +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" -msgstr "id_provider (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -#, fuzzy -#| msgid "" -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -#| "manvolnum> </citerefentry>" +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -#, fuzzy -#| msgid "access_provider (string)" +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" -msgstr "access_provider (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1484,66 +1482,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1551,51 +1549,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" msgstr "case_sensitive (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -1603,29 +1601,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1633,19 +1631,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" msgstr "A secção de domínio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1653,73 +1651,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" msgstr "default_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" msgstr "Padrão: <filename>bash/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" msgstr "base_directory (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" msgstr "Padrão: <filename>/ home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" msgstr "homedir_umask (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -1727,17 +1725,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" msgstr "Padrão: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -1746,17 +1744,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" msgstr "Padrão: <filename>skel/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" msgstr "mail_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -1764,17 +1762,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" msgstr "Padrão: <filename>mail/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" msgstr "userdel_cmd (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -1782,18 +1780,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -1847,7 +1845,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -1856,7 +1854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -2541,10 +2539,8 @@ msgstr "Padrão: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:582 -#, fuzzy -#| msgid "ldap_user_shell (string)" msgid "ldap_user_ssh_public_key (string)" -msgstr "ldap_user_shell (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:585 @@ -2584,10 +2580,8 @@ msgstr "Padrão: 300" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:622 -#, fuzzy -#| msgid "ldap_search_timeout (integer)" msgid "ldap_purge_cache_timeout (integer)" -msgstr "ldap_search_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:625 @@ -2871,10 +2865,8 @@ msgstr "ldap_netgroup_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:900 -#, fuzzy -#| msgid "ipa_host_object_class (string)" msgid "ldap_service_object_class (string)" -msgstr "ipa_host_object_class (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:903 @@ -2883,17 +2875,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 -#, fuzzy -#| msgid "Default: filter" msgid "Default: ipService" -msgstr "Padrão: filter" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:912 -#, fuzzy -#| msgid "ldap_user_fullname (string)" msgid "ldap_service_name (string)" -msgstr "ldap_user_fullname (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:915 @@ -2904,10 +2892,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:925 -#, fuzzy -#| msgid "ldap_tls_reqcert (string)" msgid "ldap_service_port (string)" -msgstr "ldap_tls_reqcert (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:928 @@ -2916,17 +2902,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:932 -#, fuzzy -#| msgid "Default: ipv4_first" msgid "Default: ipServicePort" -msgstr "Default: ipv4_first" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:938 -#, fuzzy -#| msgid "ldap_tls_reqcert (string)" msgid "ldap_service_proto (string)" -msgstr "ldap_tls_reqcert (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:941 @@ -2936,17 +2918,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:945 -#, fuzzy -#| msgid "Default: ipv4_first" msgid "Default: ipServiceProtocol" -msgstr "Default: ipv4_first" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:951 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_service_search_base (string)" -msgstr "ldap_user_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:954 @@ -3457,17 +3435,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1416 -#, fuzzy -#| msgid "" -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -#| "manvolnum> </citerefentry>" msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1422 @@ -3735,17 +3707,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1639 -#, fuzzy -#| msgid "OPTIONS" msgid "SUDO OPTIONS" -msgstr "Opções" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1644 -#, fuzzy -#| msgid "ipa_host_object_class (string)" msgid "ldap_sudorule_object_class (string)" -msgstr "ipa_host_object_class (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1647 @@ -3754,17 +3722,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1650 -#, fuzzy -#| msgid "Default: True" msgid "Default: sudoRole" -msgstr "Padrão: TRUE" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1656 -#, fuzzy -#| msgid "ldap_user_fullname (string)" msgid "ldap_sudorule_name (string)" -msgstr "ldap_user_fullname (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1659 @@ -3773,10 +3737,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1669 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_sudorule_command (string)" -msgstr "ldap_deref (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1672 @@ -3785,17 +3747,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1676 -#, fuzzy -#| msgid "Default: shadowMin" msgid "Default: sudoCommand" -msgstr "Padrão: shadowMin" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1682 -#, fuzzy -#| msgid "ldap_user_authorized_host (string)" msgid "ldap_sudorule_host (string)" -msgstr "ldap_user_authorized_host (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1685 @@ -3806,17 +3764,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 -#, fuzzy -#| msgid "Default: host" msgid "Default: sudoHost" -msgstr "Padrão: host" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1696 -#, fuzzy -#| msgid "ldap_user_shell (string)" msgid "ldap_sudorule_user (string)" -msgstr "ldap_user_shell (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1699 @@ -3827,17 +3781,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1703 -#, fuzzy -#| msgid "Default: True" msgid "Default: sudoUser" -msgstr "Padrão: TRUE" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1709 -#, fuzzy -#| msgid "ldap_uri (string)" msgid "ldap_sudorule_option (string)" -msgstr "ldap_uri (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1712 @@ -3846,17 +3796,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 -#, fuzzy -#| msgid "Default: shadowMin" msgid "Default: sudoOption" -msgstr "Padrão: shadowMin" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1722 -#, fuzzy -#| msgid "ldap_user_fullname (string)" msgid "ldap_sudorule_runasuser (string)" -msgstr "ldap_user_fullname (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1725 @@ -3867,17 +3813,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1729 -#, fuzzy -#| msgid "Default: none" msgid "Default: sudoRunAsUser" -msgstr "Padrão: none" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1735 -#, fuzzy -#| msgid "ldap_user_uuid (string)" msgid "ldap_sudorule_runasgroup (string)" -msgstr "ldap_user_uuid (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1738 @@ -3888,17 +3830,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1742 -#, fuzzy -#| msgid "Default: shadowMin" msgid "Default: sudoRunAsGroup" -msgstr "Padrão: shadowMin" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1748 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_sudorule_notbefore (string)" -msgstr "ldap_deref (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1751 @@ -3909,17 +3847,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1755 -#, fuzzy -#| msgid "Default: shadowExpire" msgid "Default: sudoNotBefore" -msgstr "Padrão: shadowExpire" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1761 -#, fuzzy -#| msgid "ldap_user_fullname (string)" msgid "ldap_sudorule_notafter (string)" -msgstr "ldap_user_fullname (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1764 @@ -3930,17 +3864,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1769 -#, fuzzy -#| msgid "Default: filter" msgid "Default: sudoNotAfter" -msgstr "Padrão: filter" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1775 -#, fuzzy -#| msgid "ldap_deref (string)" msgid "ldap_sudorule_order (string)" -msgstr "ldap_deref (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1778 @@ -3949,17 +3879,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1782 -#, fuzzy -#| msgid "Default: shadowExpire" msgid "Default: sudoOrder" -msgstr "Padrão: shadowExpire" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1788 -#, fuzzy -#| msgid "ldap_force_upper_case_realm (boolean)" msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "ldap_force_upper_case_realm (boolean)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1791 @@ -3970,10 +3896,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1801 -#, fuzzy -#| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "ldap_enumeration_refresh_timeout (integer)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1804 @@ -3983,26 +3907,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1642 -#, fuzzy -#| msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1815 msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1825 -#, fuzzy -#| msgid "OPTIONS" msgid "AUTOFS OPTIONS" -msgstr "Opções" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1827 @@ -4013,10 +3933,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1834 -#, fuzzy -#| msgid "ipa_host_object_class (string)" msgid "ldap_autofs_map_object_class (string)" -msgstr "ipa_host_object_class (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 @@ -4025,17 +3943,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -#, fuzzy -#| msgid "Default: /tmp" msgid "Default: automountMap" -msgstr "Padrão: /tmp." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1847 -#, fuzzy -#| msgid "ldap_user_fullname (string)" msgid "ldap_autofs_map_name (string)" -msgstr "ldap_user_fullname (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1850 @@ -4044,24 +3958,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 -#, fuzzy -#| msgid "Default: 3" msgid "Default: ou" -msgstr "Padrão: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1860 -#, fuzzy -#| msgid "ipa_host_object_class (string)" msgid "ldap_autofs_entry_object_class (string)" -msgstr "ipa_host_object_class (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1874 -#, fuzzy -#| msgid "ldap_user_shell (string)" msgid "ldap_autofs_entry_key (string)" -msgstr "ldap_user_shell (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 @@ -4072,17 +3980,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1888 -#, fuzzy -#| msgid "ldap_user_uuid (string)" msgid "ldap_autofs_entry_value (string)" -msgstr "ldap_user_uuid (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1895 -#, fuzzy -#| msgid "Default: shadowInactive" msgid "Default: automountInformation" -msgstr "Padrão: shadowInactive" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1832 @@ -4184,10 +4088,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2012 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_sudo_search_base (string)" -msgstr "ldap_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2015 @@ -4197,10 +4099,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2034 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_autofs_search_base (string)" -msgstr "ldap_user_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2037 @@ -4778,10 +4678,8 @@ msgstr "Default: Use base DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:156 -#, fuzzy -#| msgid "ipa_hbac_search_base (string)" msgid "ipa_host_search_base (string)" -msgstr "ipa_hbac_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:159 @@ -4798,10 +4696,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:180 -#, fuzzy -#| msgid "ipa_hbac_search_base (string)" msgid "ipa_selinux_search_base (string)" -msgstr "ipa_hbac_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:183 @@ -4921,10 +4817,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:307 -#, fuzzy -#| msgid "ipa_domain (string)" msgid "ipa_automount_location (string)" -msgstr "ipa_domain (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:310 @@ -5044,17 +4938,13 @@ msgstr "Padrão: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:404 -#, fuzzy -#| msgid "ipa_host_object_class (string)" msgid "ipa_selinux_usermap_object_class (string)" -msgstr "ipa_host_object_class (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:415 -#, fuzzy -#| msgid "ldap_user_fullname (string)" msgid "ipa_selinux_usermap_name (string)" -msgstr "ldap_user_fullname (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:418 @@ -5063,10 +4953,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:427 -#, fuzzy -#| msgid "ipa_netgroup_member_host (string)" msgid "ipa_selinux_usermap_member_user (string)" -msgstr "ipa_netgroup_member_host (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:430 @@ -5076,10 +4964,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:439 -#, fuzzy -#| msgid "ipa_netgroup_member_host (string)" msgid "ipa_selinux_usermap_member_host (string)" -msgstr "ipa_netgroup_member_host (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:442 @@ -5090,10 +4976,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:451 -#, fuzzy -#| msgid "ipa_netgroup_member_host (string)" msgid "ipa_selinux_usermap_see_also (string)" -msgstr "ipa_netgroup_member_host (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:454 @@ -5104,17 +4988,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:459 -#, fuzzy -#| msgid "Default: false" msgid "Default: seeAlso" -msgstr "Padrão: false" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:464 -#, fuzzy -#| msgid "ipa_server (string)" msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "ipa_server (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:467 @@ -5123,17 +5003,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:471 -#, fuzzy -#| msgid "Default: ipaHost" msgid "Default: ipaSELinuxUser" -msgstr "Padrão: ipaHost" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:476 -#, fuzzy -#| msgid "ipa_server (string)" msgid "ipa_selinux_usermap_enabled (string)" -msgstr "ipa_server (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:479 @@ -5144,17 +5020,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:483 -#, fuzzy -#| msgid "Default: false" msgid "Default: ipaEnabledFlag" -msgstr "Padrão: false" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:488 -#, fuzzy -#| msgid "ldap_user_search_filter (string)" msgid "ipa_selinux_usermap_user_category (string)" -msgstr "ldap_user_search_filter (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:491 @@ -5163,17 +5035,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:495 -#, fuzzy -#| msgid "Default: homeDirectory" msgid "Default: userCategory" -msgstr "Padrão: homeDirectory" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:500 -#, fuzzy -#| msgid "ipa_netgroup_member_host (string)" msgid "ipa_selinux_usermap_host_category (string)" -msgstr "ipa_netgroup_member_host (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:503 @@ -5182,17 +5050,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:507 -#, fuzzy -#| msgid "Default: host" msgid "Default: hostCategory" -msgstr "Padrão: host" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:512 -#, fuzzy -#| msgid "ldap_user_uuid (string)" msgid "ipa_selinux_usermap_uuid (string)" -msgstr "ldap_user_uuid (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:515 @@ -5201,17 +5065,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:519 -#, fuzzy -#| msgid "Default: nsUniqueId" msgid "Default: ipaUniqueID" -msgstr "Padrão: nsUniqueId" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:524 -#, fuzzy -#| msgid "ipa_hostname (string)" msgid "ipa_host_ssh_public_key (string)" -msgstr "ipa_hostname (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:527 @@ -5220,10 +5080,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:531 -#, fuzzy -#| msgid "Default: ipaHost" msgid "Default: ipaSshPubKey" -msgstr "Padrão: ipaHost" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:546 @@ -5374,12 +5232,12 @@ msgid "Run in the foreground, don't become a daemon." msgstr "Executar em primeiro plano, não se torne um daemon." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -5540,7 +5398,8 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" @@ -6525,6 +6384,321 @@ msgstr "" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" @@ -6664,8 +6838,112 @@ msgstr "<option>-h</option>,<option>--help</option>" msgid "Display help message and exit." msgstr "Exibe a mensagem de ajuda e sai." -#~ msgid "ldap_purge_cache_timeout" -#~ msgstr "ldap_purge_cache_timeout" +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" -#~ msgid "Supported services: nss, pam" -#~ msgstr "Suporte para serviços: nss, pam" +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/pt_BR.po b/src/man/po/pt_BR.po deleted file mode 100644 index 4254b1749..000000000 --- a/src/man/po/pt_BR.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Portuguese (Brazilian) <trans-pt_br@lists.fedoraproject.org>\n" -"Language: pt_BR\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n > 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/ru.po b/src/man/po/ru.po index d65047700..346ca6e68 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -3,13 +3,14 @@ # This file is distributed under the same license as the sssd-docs package. # # Translators: +# Artyom Kunyov <artkun@guitarplayer.ru>, 2012. msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-08 11:52+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Russian <trans-ru@lists.fedoraproject.org>\n" "Language: ru\n" "MIME-Version: 1.0\n" @@ -23,9 +24,11 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" -msgstr "" +msgstr "Справка по SSSD" #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 @@ -36,14 +39,15 @@ msgstr "" #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupmod.8.xml:16 msgid "modify a group" -msgstr "" +msgstr "изменить группу" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupmod.8.xml:21 @@ -59,8 +63,10 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" -msgstr "" +msgstr "ОПИСАНИЕ" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:32 @@ -73,8 +79,10 @@ msgstr "" #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" -msgstr "" +msgstr "ОПЦИИ" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 @@ -106,14 +114,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" -msgstr "" +msgstr "СМ. ТАКЖЕ" #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:74 @@ -132,13 +141,13 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.conf.5.xml:10 sssd.conf.5.xml:16 msgid "sssd.conf" -msgstr "" +msgstr "sssd.CONF" #. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 #: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 msgid "5" -msgstr "" +msgstr "5" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 @@ -150,12 +159,12 @@ msgstr "" #: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 #: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 msgid "the configuration file for SSSD" -msgstr "" +msgstr "Файл конфигурации SSSD" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:21 msgid "FILE FORMAT" -msgstr "" +msgstr "ФОРМАТ ФАЙЛА" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:29 @@ -215,7 +224,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "" @@ -234,7 +243,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:81 msgid "services" -msgstr "" +msgstr "службы" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:84 @@ -251,7 +260,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:94 sssd.conf.5.xml:257 msgid "reconnection_retries (integer)" -msgstr "" +msgstr "попыток_соединения (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:97 sssd.conf.5.xml:260 @@ -263,12 +272,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:102 sssd.conf.5.xml:265 msgid "Default: 3" -msgstr "" +msgstr "По умолчанию: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:107 msgid "domains" -msgstr "" +msgstr "домены" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:110 @@ -330,7 +339,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:157 msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" +msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:162 @@ -445,7 +454,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" msgstr "" @@ -461,21 +470,41 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 msgid "Default: false" -msgstr "" +msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 -msgid "command (string)" +msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:273 msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 +msgid "command (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:290 +msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " "name for the service. In the vast majority of configurations, the default " @@ -483,45 +512,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" -msgstr "" +msgstr "По умолчанию: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -529,7 +558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -539,7 +568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -548,17 +577,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -566,17 +595,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" -msgstr "" +msgstr "По умолчанию: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -585,78 +614,78 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" -msgstr "" +msgstr "По умолчанию: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " @@ -664,138 +693,138 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" -msgstr "" +msgstr "По умолчанию: 0 (неограничено)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -803,59 +832,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" -msgstr "" +msgstr "По умолчанию: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" -msgstr "" +msgstr "В настоящее время sssd поддерживает следующие значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" -msgstr "" +msgstr "По умолчанию: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -863,7 +892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -872,17 +901,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -890,27 +919,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " @@ -918,7 +947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " @@ -927,71 +956,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 +#: sssd.conf.5.xml:645 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 +#: sssd.conf.5.xml:679 msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1000,56 +1029,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" -msgstr "" +msgstr "По умолчанию: 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" -msgstr "" +msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1059,14 +1088,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1075,98 +1104,98 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1175,47 +1204,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1224,19 +1253,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1244,7 +1273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1252,30 +1281,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1283,17 +1312,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1302,24 +1331,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1327,7 +1356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1335,7 +1364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1343,35 +1372,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1379,29 +1408,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1409,66 +1438,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" -msgstr "" +msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1476,51 +1505,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" -msgstr "" +msgstr "По умолчанию: использовать доменное имя из hostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -1528,29 +1557,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1558,19 +1587,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1578,73 +1607,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" -msgstr "" +msgstr "По умолчанию: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" -msgstr "" +msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -1652,17 +1681,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" -msgstr "" +msgstr "По умолчанию: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -1671,17 +1700,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" -msgstr "" +msgstr "По умолчанию: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -1689,17 +1718,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" -msgstr "" +msgstr "По умолчанию: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -1707,18 +1736,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" -msgstr "" +msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -1748,7 +1777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -1757,7 +1786,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -1811,7 +1840,7 @@ msgstr "" #: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" -msgstr "" +msgstr "ПАРАМЕТРЫ КОНФИГУРАЦИИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 @@ -1968,7 +1997,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:180 msgid "Default: rfc2307" -msgstr "" +msgstr "По умолчанию: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:186 @@ -1998,7 +2027,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:206 msgid "password" -msgstr "" +msgstr "пароль" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:209 @@ -2035,7 +2064,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:234 msgid "Default: posixAccount" -msgstr "" +msgstr "По умолчанию: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:240 @@ -2095,7 +2124,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:286 msgid "Default: gecos" -msgstr "" +msgstr "По умолчанию: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:292 @@ -2110,7 +2139,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:299 msgid "Default: homeDirectory" -msgstr "" +msgstr "По умолчанию: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:305 @@ -2125,7 +2154,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:312 msgid "Default: loginShell" -msgstr "" +msgstr "По умолчанию: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:318 @@ -2157,7 +2186,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 msgid "Default: modifyTimestamp" -msgstr "" +msgstr "По умолчанию: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:344 @@ -2233,7 +2262,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:412 msgid "Default: shadowWarning" -msgstr "" +msgstr "По умолчанию: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:418 @@ -2252,7 +2281,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:431 msgid "Default: shadowInactive" -msgstr "" +msgstr "По умолчанию: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:437 @@ -2271,7 +2300,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:450 msgid "Default: shadowExpire" -msgstr "" +msgstr "По умолчанию: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:456 @@ -3796,7 +3825,7 @@ msgstr "" #: sssd-ldap.5.xml:1815 msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" @@ -5076,12 +5105,12 @@ msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -5228,7 +5257,8 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" @@ -6174,6 +6204,321 @@ msgid "" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" @@ -6312,3 +6657,113 @@ msgstr "" #: include/param_help.xml:7 msgid "Display help message and exit." msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/sk.po b/src/man/po/sk.po deleted file mode 100644 index 6e1e8faae..000000000 --- a/src/man/po/sk.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Slovak (http://www.transifex.net/projects/p/fedora/team/sk/)\n" -"Language: sk\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/sq.po b/src/man/po/sq.po deleted file mode 100644 index 092736518..000000000 --- a/src/man/po/sq.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Albanian (http://www.transifex.net/projects/p/fedora/team/" -"sq/)\n" -"Language: sq\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/sr.po b/src/man/po/sr.po deleted file mode 100644 index a3bf11344..000000000 --- a/src/man/po/sr.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Serbian <trans-sr@lists.fedoraproject.org>\n" -"Language: sr\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" -"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index baaf6478b..d2092482f 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.7.91\n" +"Project-Id-Version: sssd-docs 1.8.90\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -18,7 +18,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" #. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "" @@ -28,7 +28,7 @@ msgid "sss_groupmod" msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 sss_debuglevel.8.xml:11 msgid "8" msgstr "" @@ -46,7 +46,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "" @@ -58,7 +58,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "" @@ -93,7 +93,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" msgstr "" @@ -200,7 +200,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "" @@ -428,7 +428,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" msgstr "" @@ -443,18 +443,38 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 -msgid "command (string)" +msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:273 msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 +msgid "command (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:290 +msgid "" "By default, the executable representing this service is called " "<command>sssd_${service_name}</command>. This directive allows to change " "the executable name for the service. In the vast majority of configurations, " @@ -462,46 +482,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) " "service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -509,7 +529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -519,7 +539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -528,17 +548,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -546,17 +566,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set " @@ -565,77 +585,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " @@ -643,138 +663,138 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in " "<quote>/etc/shells</quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in " "<quote>/etc/shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the " "machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -782,59 +802,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -842,7 +862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -852,17 +872,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -870,27 +890,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " @@ -898,7 +918,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " @@ -907,71 +927,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 +#: sssd.conf.5.xml:645 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 +#: sssd.conf.5.xml:679 msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -980,56 +1000,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1039,14 +1059,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1055,97 +1075,97 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 sssd.conf.5.xml:822 +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1154,47 +1174,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1203,19 +1223,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1223,7 +1243,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1231,29 +1251,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1261,17 +1281,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -1280,24 +1300,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1306,7 +1326,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -1315,7 +1335,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1323,34 +1343,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1358,29 +1378,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1389,66 +1409,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1456,51 +1476,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -1509,29 +1529,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1539,19 +1559,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1559,73 +1579,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -1633,17 +1653,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -1652,17 +1672,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -1670,17 +1690,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -1688,17 +1708,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -1728,7 +1748,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -1737,7 +1757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> " @@ -3772,7 +3792,7 @@ msgstr "" #: sssd-ldap.5.xml:1815 msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> " "</citerefentry>" msgstr "" @@ -5062,12 +5082,12 @@ msgid "Run in the foreground, don't become a daemon." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is " "<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file " @@ -5219,7 +5239,7 @@ msgid "The password to obfuscate will be read from standard input." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> " "<replaceable>DOMAIN</replaceable>" @@ -6188,6 +6208,330 @@ msgid "" "</citerefentry>." msgstr "" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> " +"<replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> " +"<replaceable>netgroup</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> " +"<replaceable>domain</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>NEW_DEBUG_LEVEL</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> can be configured to use " +"<command>sss_ssh_authorizedkeys</command> for public key user authentication " +"if it is compiled with support for either " +"<quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</quote> " +"<citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> can be configured to use it by " +"putting the following directive in <citerefentry> " +"<refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry>: <placeholder " +"type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> can be configured to use it by using " +"the following directive for <citerefentry> " +"<refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></citerefentry> " +"configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain " +"<replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sshd_config</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry> for more information) " +"<filename>/var/lib/sss/pubconf/known_hosts</filename> and estabilishes " +"connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> " +"<manvolnum>1</manvolnum></citerefentry> can be configured to use " +"<command>sss_ssh_knownhostsproxy</command> for host key authentication by " +"using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> " +"<manvolnum>1</manvolnum></citerefentry> configuration: <placeholder " +"type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain " +"<replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>ssh_config</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</manvolnum> " +"</citerefentry>." +msgstr "" + #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" @@ -6325,3 +6669,112 @@ msgstr "" #: include/param_help.xml:7 msgid "Display help message and exit." msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use " +"http://fedorahosted.org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/ta.po b/src/man/po/ta.po deleted file mode 100644 index 2a82aa68b..000000000 --- a/src/man/po/ta.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Tamil <tamil-users@lists.fedoraproject.org>\n" -"Language: ta\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/tg.po b/src/man/po/tg.po new file mode 100644 index 000000000..7c0b0db94 --- /dev/null +++ b/src/man/po/tg.po @@ -0,0 +1,6768 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Red Hat +# This file is distributed under the same license as the sssd-docs package. +# +# Translators: +msgid "" +msgstr "" +"Project-Id-Version: SSSD\n" +"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-08 11:52+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" +"Language-Team: Tajik (http://www.transifex.net/projects/p/fedora/language/" +"tg/)\n" +"Language: tg\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1)\n" + +#. type: Content of: <reference><title> +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 +#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 +#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 +#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 +msgid "SSSD Manual pages" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 +msgid "sss_groupmod" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 +#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 +#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 +msgid "8" +msgstr "8" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupmod.8.xml:16 +msgid "modify a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupmod.8.xml:21 +msgid "" +"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 +#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 +#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 +#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 +#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 +msgid "DESCRIPTION" +msgstr "ШАРҲ" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:32 +msgid "" +"<command>sss_groupmod</command> modifies the group to reflect the changes " +"that are specified on the command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 +#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 +#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 +msgid "OPTIONS" +msgstr "ИМКОНОТҲО" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 +msgid "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:48 +msgid "" +"Append this group to groups specified by the <replaceable>GROUPS</" +"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " +"a comma separated list of group names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 +msgid "" +"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:62 +msgid "" +"Remove this group from groups specified by the <replaceable>GROUPS</" +"replaceable> parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 +#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 +#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 +#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 +#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 +msgid "SEE ALSO" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:74 +msgid "" +"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 +msgid "sssd.conf" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 +#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 +msgid "5" +msgstr "5" + +#. type: Content of: <reference><refentry><refmeta><refmiscinfo> +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 +#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 +msgid "File Formats and Conventions" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 +#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 +msgid "the configuration file for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:21 +msgid "FILE FORMAT" +msgstr "Формати файл" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:29 +#, no-wrap +msgid "" +" <replaceable>[section]</replaceable>\n" +" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:24 +msgid "" +"The file has an ini-style syntax and consists of sections and parameters. A " +"section begins with the name of the section in square brackets and continues " +"until the next section begins. An example of section with single and multi-" +"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:36 +msgid "" +"The data types used are string (no quotes needed), integer and bool (with " +"values of <quote>TRUE/FALSE</quote>)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:41 +msgid "" +"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " +"(<quote>;</quote>)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:46 +msgid "" +"All sections can have an optional <replaceable>description</replaceable> " +"parameter. Its function is only as a label for the section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:52 +msgid "" +"<filename>sssd.conf</filename> must be a regular file, owned by root and " +"only root may read from or write to the file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:58 +msgid "SPECIAL SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:61 +msgid "The [sssd] section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 +msgid "Section parameters" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:72 +msgid "config_file_version (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:75 +msgid "" +"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " +"version 2." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:81 +msgid "services" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:84 +msgid "" +"Comma separated list of services that are started when sssd itself starts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:88 +msgid "" +"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 +msgid "reconnection_retries (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 +msgid "" +"Number of times services should attempt to reconnect in the event of a Data " +"Provider crash or restart before they give up" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 +msgid "Default: 3" +msgstr "Пешфарз: 3" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:107 +msgid "domains" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:110 +msgid "" +"A domain is a database containing user information. SSSD can use more " +"domains at the same time, but at least one must be configured or SSSD won't " +"start. This parameter described the list of domains in the order you want " +"them to be queried." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:120 +msgid "re_expression (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:123 +msgid "" +"Regular expression that describes how to parse the string containing user " +"name and domain into these components." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:127 +msgid "" +"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"which translates to \"the name is everything up to the <quote>@</quote> " +"sign, the domain everything after that\"" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:132 +msgid "" +"PLEASE NOTE: the support for non-unique named subpatterns is not available " +"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " +"version 7 or higher can support non-unique named subpatterns." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:139 +msgid "" +"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" +"P<name>) to label subpatterns." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:146 +msgid "full_name_format (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:149 +msgid "" +"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" +"manvolnum> </citerefentry>-compatible format that describes how to translate " +"a (name, domain) tuple into a fully qualified name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:157 +msgid "Default: <quote>%1$s@%2$s</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:162 +msgid "try_inotify (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:165 +msgid "" +"SSSD monitors the state of resolv.conf to identify when it needs to update " +"its internal DNS resolver. By default, we will attempt to use inotify for " +"this, and will fall back to polling resolv.conf every five seconds if " +"inotify cannot be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:173 +msgid "" +"There are some limited situations where it is preferred that we should skip " +"even trying to use inotify. In these rare cases, this option should be set " +"to 'false'" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:179 +msgid "" +"Default: true on platforms where inotify is supported. False on other " +"platforms." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:183 +msgid "" +"Note: this option will have no effect on platforms where inotify is " +"unavailable. On these platforms, polling will always be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:190 +msgid "krb5_rcache_dir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:193 +msgid "" +"Directory on the filesystem where SSSD should store Kerberos replay cache " +"files." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:197 +msgid "" +"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " +"SSSD to let libkrb5 decide the appropriate location for the replay cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:203 +msgid "" +"Default: Distribution-specific and specified at build-time. " +"(__LIBKRB5_DEFAULTS__ if not configured)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:63 +msgid "" +"Individual pieces of SSSD functionality are provided by special SSSD " +"services that are started and stopped together with SSSD. The services are " +"managed by a special service frequently called <quote>monitor</quote>. The " +"<quote>[sssd]</quote> section is used to configure the monitor as well as " +"some other important options like the identity domains. <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:216 +msgid "SERVICES SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:218 +msgid "" +"Settings that can be used to configure different services are described in " +"this section. They should reside in the [<replaceable>$NAME</replaceable>] " +"section, for example, for NSS service, the section would be <quote>[nss]</" +"quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:225 +msgid "General service configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:227 +msgid "These options can be used to configure any service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:231 +msgid "debug_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:235 +msgid "debug_timestamps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:238 +msgid "Add a timestamp to the debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 +msgid "Default: true" +msgstr "Пешфарз: true" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:246 +msgid "debug_microseconds (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:249 +msgid "Add microseconds to the timestamp in debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 +#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 +#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 +msgid "Default: false" +msgstr "Пешфарз: false" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:270 +msgid "fd_limit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:273 +msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 +msgid "command (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:290 +msgid "" +"By default, the executable representing this service is called <command>sssd_" +"${service_name}</command>. This directive allows to change the executable " +"name for the service. In the vast majority of configurations, the default " +"values should suffice." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:298 +msgid "Default: <command>sssd_${service_name}</command>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:306 +msgid "NSS configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:308 +msgid "" +"These options can be used to configure the Name Service Switch (NSS) service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:313 +msgid "enum_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:316 +msgid "" +"How many seconds should nss_sss cache enumerations (requests for info about " +"all users)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:320 +msgid "Default: 120" +msgstr "Пешфарз: 120" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:325 +msgid "entry_cache_nowait_percentage (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:328 +msgid "" +"The entry cache can be set to automatically update entries in the background " +"if they are requested beyond a percentage of the entry_cache_timeout value " +"for the domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:334 +msgid "" +"For example, if the domain's entry_cache_timeout is set to 30s and " +"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " +"after 15 seconds past the last cache update will be returned immediately, " +"but the SSSD will go and update the cache on its own, so that future " +"requests will not need to block waiting for a cache update." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:344 +msgid "" +"Valid values for this option are 0-99 and represent a percentage of the " +"entry_cache_timeout for each domain. For performance reasons, this " +"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " +"disables this feature)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:352 +msgid "Default: 50" +msgstr "Пешфарз: 50" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:357 +msgid "entry_negative_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:360 +msgid "" +"Specifies for how many seconds nss_sss should cache negative cache hits " +"(that is, queries for invalid database entries, like nonexistent ones) " +"before asking the back end again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 +msgid "Default: 15" +msgstr "Пешфарз: 15" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:371 +msgid "filter_users, filter_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:374 +msgid "" +"Exclude certain users from being fetched from the sss NSS database. This is " +"particularly useful for system accounts. This option can also be set per-" +"domain or include fully-qualified names to filter only users from the " +"particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:381 +msgid "Default: root" +msgstr "Пешфарз: root" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:386 +msgid "filter_users_in_groups (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:389 +msgid "" +"If you want filtered user still be group members set this option to false." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:398 +msgid "override_homedir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 +msgid "%u" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 +msgid "login name" +msgstr "Номи логин" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 +msgid "%U" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:412 +msgid "UID number" +msgstr "Рақами UID" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 +msgid "%d" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:416 +msgid "domain name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:419 +msgid "%f" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:420 +msgid "fully qualified user name (user@domain)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 +msgid "%%" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 +msgid "a literal '%'" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:401 +msgid "" +"Override the user's home directory. You can either provide an absolute value " +"or a template. In the template, the following sequences are substituted: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:430 +msgid "This option can also be set per-domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:435 +msgid "allowed_shells (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:438 +msgid "" +"Restrict user shell to one of the listed values. The order of evaluation is:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:441 +msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:445 +msgid "" +"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" +"quote>, use the value of the shell_fallback parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:450 +msgid "" +"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" +"shells</quote>, a nologin shell is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:455 +msgid "An empty string for shell is passed as-is to libc." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:458 +msgid "" +"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " +"that a restart of the SSSD is required in case a new shell is installed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:462 +msgid "Default: Not set. The user shell is automatically used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:467 +msgid "vetoed_shells (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:470 +msgid "Replace any instance of these shells with the shell_fallback" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:475 +msgid "shell_fallback (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:478 +msgid "" +"The default shell to use if an allowed shell is not installed on the machine." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:482 +msgid "Default: /bin/sh" +msgstr "Пешфарз: /bin/sh" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:489 +msgid "PAM configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:491 +msgid "" +"These options can be used to configure the Pluggable Authentication Module " +"(PAM) service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:496 +msgid "offline_credentials_expiration (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:499 +msgid "" +"If the authentication provider is offline, how long should we allow cached " +"logins (in days since the last successful online login)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 +msgid "Default: 0 (No limit)" +msgstr "Пешфарз: 0 (Номаҳдуд)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:510 +msgid "offline_failed_login_attempts (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:513 +msgid "" +"If the authentication provider is offline, how many failed login attempts " +"are allowed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:523 +msgid "offline_failed_login_delay (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:526 +msgid "" +"The time in minutes which has to pass after offline_failed_login_attempts " +"has been reached before a new login attempt is possible." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:531 +msgid "" +"If set to 0 the user cannot authenticate offline if " +"offline_failed_login_attempts has been reached. Only a successful online " +"authentication can enable offline authentication again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 +msgid "Default: 5" +msgstr "Пешфарз: 5" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:543 +msgid "pam_verbosity (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:546 +msgid "" +"Controls what kind of messages are shown to the user during authentication. " +"The higher the number to more messages are displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:551 +msgid "Currently sssd supports the following values:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:554 +msgid "<emphasis>0</emphasis>: do not show any message" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:557 +msgid "<emphasis>1</emphasis>: show only important messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:561 +msgid "<emphasis>2</emphasis>: show informational messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:564 +msgid "<emphasis>3</emphasis>: show all messages and debug information" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:568 sssd.8.xml:63 +msgid "Default: 1" +msgstr "Пешфарз: 1" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:573 +msgid "pam_id_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:576 +msgid "" +"For any PAM request while SSSD is online, the SSSD will attempt to " +"immediately update the cached identity information for the user in order to " +"ensure that authentication takes place with the latest information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:582 +msgid "" +"A complete PAM conversation may perform multiple PAM requests, such as " +"account management and session opening. This option controls (on a per-" +"client-application basis) how long (in seconds) we can cache the identity " +"information to avoid excessive round-trips to the identity provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:596 +msgid "pam_pwd_expiration_warning (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:599 +msgid "Display a warning N days before the password expires." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:602 +msgid "" +"Please note that the backend server has to provide information about the " +"expiration time of the password. If this information is missing, sssd " +"cannot display a warning." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:608 +msgid "Default: 7" +msgstr "Пешфарз: 7" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:616 +msgid "SUDO configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:618 +msgid "These options can be used to configure the sudo service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:625 +msgid "sudo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:628 +msgid "" +"For any sudo request that comes while SSSD is online, the SSSD will attempt " +"to update the cached rules in order to ensure that sudo has the latest " +"ruleset." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:634 +msgid "" +"The user may, however, run a couple of sudo commands successively, which " +"would trigger multiple LDAP requests. In order to speed up this use-case, " +"the sudo service maintains an in-memory cache that would be used for " +"performing fast replies." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:641 +msgid "" +"This option controls how long (in seconds) can the sudo service cache rules " +"for a user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:645 +msgid "Default: 180" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:650 +msgid "sudo_timed (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:653 +msgid "" +"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " +"that implement time-dependent sudoers entries." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:666 +msgid "AUTOFS configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:668 +msgid "These options can be used to configure the autofs service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:676 +msgid "autofs_negative_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:679 +msgid "" +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " +"before asking the back end again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:696 +msgid "DOMAIN SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:703 +msgid "min_id,max_id (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:706 +msgid "" +"UID and GID limits for the domain. If a domain contains an entry that is " +"outside these limits, it is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:711 +msgid "" +"For users, this affects the primary GID limit. The user will not be returned " +"to NSS if either the UID or the primary GID is outside the range. For non-" +"primary group memberships, those that are in range will be reported as " +"expected." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:718 +msgid "Default: 1 for min_id, 0 (no limit) for max_id" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:724 +msgid "timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:727 +msgid "" +"Timeout in seconds between heartbeats for this domain. This is used to " +"ensure that the backend process is alive and capable of answering requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 +msgid "Default: 10" +msgstr "Пешфарз: 10" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:738 +msgid "enumerate (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:741 +msgid "" +"Determines if a domain can be enumerated. This parameter can have one of the " +"following values:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:745 +msgid "TRUE = Users and groups are enumerated" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:748 +msgid "FALSE = No enumerations for this domain" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 +msgid "Default: FALSE" +msgstr "Пешфарз: FALSE" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:754 +msgid "" +"Note: Enabling enumeration has a moderate performance impact on SSSD while " +"enumeration is running. It may take up to several minutes after SSSD startup " +"to fully complete enumerations. During this time, individual requests for " +"information will go directly to LDAP, though it may be slow, due to the " +"heavy enumeration processing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:764 +msgid "" +"While the first enumeration is running, requests for the complete user or " +"group lists may return no results until it completes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:769 +msgid "" +"Further, enabling enumeration may increase the time necessary to detect " +"network disconnection, as longer timeouts are required to ensure that " +"enumeration lookups are completed successfully. For more information, refer " +"to the man pages for the specific id_provider in use." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:780 +msgid "entry_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:783 +msgid "" +"How many seconds should nss_sss consider entries valid before asking the " +"backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:787 +msgid "Default: 5400" +msgstr "Пешфарз: 5400" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:793 +msgid "entry_cache_user_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:796 +msgid "" +"How many seconds should nss_sss consider user entries valid before asking " +"the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 +msgid "Default: entry_cache_timeout" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:806 +msgid "entry_cache_group_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:809 +msgid "" +"How many seconds should nss_sss consider group entries valid before asking " +"the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:819 +msgid "entry_cache_netgroup_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:822 +msgid "" +"How many seconds should nss_sss consider netgroup entries valid before " +"asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:832 +msgid "entry_cache_service_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:835 +msgid "" +"How many seconds should nss_sss consider service entries valid before asking " +"the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:845 +msgid "cache_credentials (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:848 +msgid "Determines if user credentials are also cached in the local LDB cache" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:852 +msgid "User credentials are stored in a SHA512 hash, not in plaintext" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:861 +msgid "account_cache_expiration (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:864 +msgid "" +"Number of days entries are left in cache after last successful login before " +"being removed during a cleanup of the cache. 0 means keep forever. The " +"value of this parameter must be greater than or equal to " +"offline_credentials_expiration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:871 +msgid "Default: 0 (unlimited)" +msgstr "Пешфарз: 0 (номаҳдуд)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:877 +msgid "id_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:880 +msgid "The Data Provider identity backend to use for this domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:884 +msgid "Supported backends:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:887 +msgid "proxy: Support a legacy NSS provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:890 +msgid "local: SSSD internal local provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:893 +msgid "ldap: LDAP provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:899 +msgid "use_fully_qualified_names (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:902 +msgid "" +"If set to TRUE, all requests to this domain must use fully qualified names. " +"For example, if used in LOCAL domain that contains a \"test\" user, " +"<command>getent passwd test</command> wouldn't find the user while " +"<command>getent passwd test@LOCAL</command> would." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:915 +msgid "auth_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:918 +msgid "" +"The authentication provider used for the domain. Supported auth providers " +"are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:922 +msgid "" +"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:929 +msgid "" +"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:936 +msgid "" +"<quote>proxy</quote> for relaying authentication to some other PAM target." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:939 +msgid "<quote>none</quote> disables authentication explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:942 +msgid "" +"Default: <quote>id_provider</quote> is used if it is set and can handle " +"authentication requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:948 +msgid "access_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:951 +msgid "" +"The access control provider used for the domain. There are two built-in " +"access providers (in addition to any included in installed backends) " +"Internal special providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:957 +msgid "<quote>permit</quote> always allow access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:960 +msgid "<quote>deny</quote> always deny access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:963 +msgid "" +"<quote>simple</quote> access control based on access or deny lists. See " +"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for more information on configuring the simple " +"access module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:970 +msgid "Default: <quote>permit</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:975 +msgid "chpass_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:978 +msgid "" +"The provider which should handle change password operations for the domain. " +"Supported change password providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:983 +msgid "" +"<quote>ipa</quote> to change a password stored in an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring IPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:991 +msgid "" +"<quote>ldap</quote> to change a password stored in a LDAP server. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:999 +msgid "" +"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1007 +msgid "" +"<quote>proxy</quote> for relaying password changes to some other PAM target." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1011 +msgid "<quote>none</quote> disallows password changes explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1014 +msgid "" +"Default: <quote>auth_provider</quote> is used if it is set and can handle " +"change password requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1021 +msgid "sudo_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1027 +msgid "The SUDO provider used for the domain. Supported SUDO providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1031 +msgid "" +"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1038 +msgid "<quote>none</quote> disables SUDO explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1041 +msgid "Default: The value of <quote>id_provider</quote> is used if it is set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1047 +msgid "session_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1050 +msgid "" +"The provider which should handle loading of session settings. Supported " +"session providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1055 +msgid "" +"<quote>ipa</quote> to load session settings from an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring IPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1063 +msgid "<quote>none</quote> disallows fetching session settings explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1066 +msgid "" +"Default: <quote>id_provider</quote> is used if it is set and can handle " +"session loading requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1073 +msgid "lookup_family_order (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1076 +msgid "" +"Provides the ability to select preferred address family to use when " +"performing DNS lookups." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1080 +msgid "Supported values:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1083 +msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1086 +msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1089 +msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1092 +msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1095 +msgid "Default: ipv4_first" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1101 +msgid "dns_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1104 +msgid "" +"Defines the amount of time (in seconds) to wait for a reply from the DNS " +"resolver before assuming that it is unreachable. If this timeout is reached, " +"the domain will continue to operate in offline mode." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1116 +msgid "dns_discovery_domain (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1119 +msgid "" +"If service discovery is used in the back end, specifies the domain part of " +"the service discovery DNS query." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1123 +msgid "Default: Use the domain part of machine's hostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1129 +msgid "override_gid (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1132 +msgid "Override the primary GID value with the one specified." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1138 +msgid "case_sensitive (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1141 +msgid "" +"Treat user and group names as case sensitive. At the moment, this option is " +"not supported in the local provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1146 +msgid "Default: True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:698 +msgid "" +"These configuration options can be present in a domain configuration " +"section, that is, in a section called <quote>[domain/<replaceable>NAME</" +"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1158 +msgid "proxy_pam_target (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1161 +msgid "The proxy target PAM proxies to." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1164 +msgid "" +"Default: not set by default, you have to take an existing pam configuration " +"or create a new one and add the service name here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1172 +msgid "proxy_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1175 +msgid "" +"The name of the NSS library to use in proxy domains. The NSS functions " +"searched for in the library are in the form of _nss_$(libName)_$(function), " +"for example _nss_files_getpwent." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1154 +msgid "" +"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +"\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1187 +msgid "The local domain section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:1189 +msgid "" +"This section contains settings for domain that stores users and groups in " +"SSSD native database, that is, a domain that uses " +"<replaceable>id_provider=local</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1196 +msgid "default_shell (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1199 +msgid "The default shell for users created with SSSD userspace tools." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1203 +msgid "Default: <filename>/bin/bash</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1208 +msgid "base_directory (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1211 +msgid "" +"The tools append the login name to <replaceable>base_directory</replaceable> " +"and use that as the home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1216 +msgid "Default: <filename>/home</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1221 +msgid "create_homedir (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1224 +msgid "" +"Indicate if a home directory should be created by default for new users. " +"Can be overridden on command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 +msgid "Default: TRUE" +msgstr "Пешфарз: TRUE" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1233 +msgid "remove_homedir (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1236 +msgid "" +"Indicate if a home directory should be removed by default for deleted " +"users. Can be overridden on command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1245 +msgid "homedir_umask (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1248 +msgid "" +"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " +"on a newly created home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1256 +msgid "Default: 077" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1261 +msgid "skel_dir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1264 +msgid "" +"The skeleton directory, which contains files and directories to be copied in " +"the user's home directory, when the home directory is created by " +"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1274 +msgid "Default: <filename>/etc/skel</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1279 +msgid "mail_dir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1282 +msgid "" +"The mail spool directory. This is needed to manipulate the mailbox when its " +"corresponding user account is modified or deleted. If not specified, a " +"default value is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1289 +msgid "Default: <filename>/var/mail</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1294 +msgid "userdel_cmd (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1297 +msgid "" +"The command that is run after a user is removed. The command us passed the " +"username of the user being removed as the first and only parameter. The " +"return code of the command is not taken into account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1303 +msgid "Default: None, no command is run" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 +msgid "EXAMPLE" +msgstr "НАМУНА" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:1319 +#, no-wrap +msgid "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1315 +msgid "" +"The following example shows a typical SSSD config. It does not describe " +"configuration of the domains themselves - refer to documentation on " +"configuring domains for more details. <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1350 +msgid "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 +msgid "sssd-ldap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:23 +msgid "" +"This manual page describes the configuration of LDAP domains for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for detailed syntax information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:35 +msgid "You can configure SSSD to use more than one LDAP domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:38 +msgid "" +"LDAP back end supports id, auth, access and chpass providers. If you want to " +"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " +"<command>sssd</command> <emphasis>does not</emphasis> support authentication " +"over an unencrypted channel. If the LDAP server is used only as an identity " +"provider, an encrypted channel is not needed. Please refer to " +"<quote>ldap_access_filter</quote> config option for more information about " +"using LDAP as an access provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 +#: sssd-krb5.5.xml:63 +msgid "CONFIGURATION OPTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:60 +msgid "ldap_uri (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:63 +msgid "" +"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " +"should connect in the order of preference. Refer to the <quote>FAILOVER</" +"quote> section for more information on failover and server redundancy. If " +"not specified, service discovery is enabled. For more information, refer to " +"the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:70 +msgid "The format of the URI must match the format defined in RFC 2732:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:73 +msgid "ldap[s]://<host>[:port]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:76 +msgid "" +"For explicit IPv6 addresses, <host> must be enclosed in brackets []" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:79 +msgid "example: ldap://[fc00::126:25]:389" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:85 +msgid "ldap_chpass_uri (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:88 +msgid "" +"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " +"should connect in the order of preference to change the password of a user. " +"Refer to the <quote>FAILOVER</quote> section for more information on " +"failover and server redundancy." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:95 +msgid "To enable service discovery ldap_chpass_dns_service_name must be set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:99 +msgid "Default: empty, i.e. ldap_uri is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:105 +msgid "ldap_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:108 +msgid "The default base DN to use for performing LDAP user operations." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:112 +msgid "" +"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " +"syntax:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:116 +msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:119 +msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:122 +msgid "" +"The filter must be a valid LDAP search filter as specified by http://www." +"ietf.org/rfc/rfc2254.txt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:126 +msgid "Examples:" +msgstr "Намунаҳо:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:129 +msgid "" +"ldap_search_base = dc=example,dc=com (which is equivalent to) " +"ldap_search_base = dc=example,dc=com?subtree?" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:134 +msgid "" +"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" +"(host=thishost)?dc=example.com?subtree?" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:137 +msgid "" +"Note: It is unsupported to have multiple search bases which reference " +"identically-named objects (for example, groups with the same name in two " +"different search bases). This will lead to unpredictable behavior on client " +"machines." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:144 +msgid "" +"Default: If not set, the value of the defaultNamingContext or namingContexts " +"attribute from the RootDSE of the LDAP server is used. If " +"defaultNamingContext does not exists or has an empty value namingContexts is " +"used. The namingContexts attribute must have a single value with the DN of " +"the search base of the LDAP server to make this work. Multiple values are " +"are not supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:158 +msgid "ldap_schema (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:161 +msgid "" +"Specifies the Schema Type in use on the target LDAP server. Depending on " +"the selected schema, the default attribute names retrieved from the servers " +"may vary. The way that some attributes are handled may also differ. Three " +"schema types are currently supported: rfc2307 rfc2307bis IPA The main " +"difference between these schema types is how group memberships are recorded " +"in the server. With rfc2307, group members are listed by name in the " +"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " +"members are listed by DN and stored in the <emphasis>member</emphasis> " +"attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:180 +msgid "Default: rfc2307" +msgstr "Пешфарз: rfc2307" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:186 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:189 +msgid "The default bind DN to use for performing LDAP operations." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:196 +msgid "ldap_default_authtok_type (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:199 +msgid "The type of the authentication token of the default bind DN." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:203 +msgid "The two mechanisms currently supported are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:206 +msgid "password" +msgstr "парол" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:209 +msgid "obfuscated_password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Default: password" +msgstr "Пешфарз: парол" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:218 +msgid "ldap_default_authtok (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:221 +msgid "" +"The authentication token of the default bind DN. Only clear text passwords " +"are currently supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:228 +msgid "ldap_user_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:231 +msgid "The object class of a user entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:234 +msgid "Default: posixAccount" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:240 +msgid "ldap_user_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:243 +msgid "The LDAP attribute that corresponds to the user's login name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:247 +msgid "Default: uid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:253 +msgid "ldap_user_uid_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:256 +msgid "The LDAP attribute that corresponds to the user's id." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:260 +msgid "Default: uidNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:266 +msgid "ldap_user_gid_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:269 +msgid "The LDAP attribute that corresponds to the user's primary group id." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 +msgid "Default: gidNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:279 +msgid "ldap_user_gecos (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:282 +msgid "The LDAP attribute that corresponds to the user's gecos field." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:286 +msgid "Default: gecos" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:292 +msgid "ldap_user_home_directory (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:295 +msgid "The LDAP attribute that contains the name of the user's home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:299 +msgid "Default: homeDirectory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:305 +msgid "ldap_user_shell (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:308 +msgid "The LDAP attribute that contains the path to the user's default shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:312 +msgid "Default: loginShell" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:318 +msgid "ldap_user_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:321 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 +msgid "Default: nsUniqueId" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:331 +msgid "ldap_user_modify_timestamp (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 +msgid "" +"The LDAP attribute that contains timestamp of the last modification of the " +"parent object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 +msgid "Default: modifyTimestamp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:344 +msgid "ldap_user_shadow_last_change (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:347 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " +"the last password change)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:357 +msgid "Default: shadowLastChange" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:363 +msgid "ldap_user_shadow_min (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:366 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " +"password age)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:375 +msgid "Default: shadowMin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:381 +msgid "ldap_user_shadow_max (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:384 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " +"password age)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:393 +msgid "Default: shadowMax" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:399 +msgid "ldap_user_shadow_warning (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:402 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " +"(password warning period)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:412 +msgid "Default: shadowWarning" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:418 +msgid "ldap_user_shadow_inactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:421 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " +"(password inactivity period)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:431 +msgid "Default: shadowInactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:437 +msgid "ldap_user_shadow_expire (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:440 +msgid "" +"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " +"parameter contains the name of an LDAP attribute corresponding to its " +"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> counterpart (account expiration date)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:450 +msgid "Default: shadowExpire" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:456 +msgid "ldap_user_krb_last_pwd_change (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:459 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " +"an LDAP attribute storing the date and time of last password change in " +"kerberos." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:465 +msgid "Default: krbLastPwdChange" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:471 +msgid "ldap_user_krb_password_expiration (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:474 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " +"an LDAP attribute storing the date and time when current password expires." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:480 +msgid "Default: krbPasswordExpiration" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:486 +msgid "ldap_user_ad_account_expires (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:489 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the expiration time of the account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:494 +msgid "Default: accountExpires" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:500 +msgid "ldap_user_ad_user_account_control (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:503 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the user account control bit field." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:508 +msgid "Default: userAccountControl" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:514 +msgid "ldap_ns_account_lock (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:517 +msgid "" +"When using ldap_account_expire_policy=rhds or equivalent, this parameter " +"determines if access is allowed or not." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:522 +msgid "Default: nsAccountLock" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:528 +msgid "ldap_user_nds_login_disabled (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:531 +msgid "" +"When using ldap_account_expire_policy=nds, this attribute determines if " +"access is allowed or not." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 +msgid "Default: loginDisabled" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:541 +msgid "ldap_user_nds_login_expiration_time (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:544 +msgid "" +"When using ldap_account_expire_policy=nds, this attribute determines until " +"which date access is granted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:555 +msgid "ldap_user_nds_login_allowed_time_map (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:558 +msgid "" +"When using ldap_account_expire_policy=nds, this attribute determines the " +"hours of a day in a week when access is granted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:563 +msgid "Default: loginAllowedTimeMap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:569 +msgid "ldap_user_principal (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:572 +msgid "" +"The LDAP attribute that contains the user's Kerberos User Principal Name " +"(UPN)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:576 +msgid "Default: krbPrincipalName" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:582 +msgid "ldap_user_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:585 +msgid "The LDAP attribute that contains the user's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:592 +msgid "ldap_force_upper_case_realm (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:595 +msgid "" +"Some directory servers, for example Active Directory, might deliver the " +"realm part of the UPN in lower case, which might cause the authentication to " +"fail. Set this option to a non-zero value if you want to use an upper-case " +"realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:608 +msgid "ldap_enumeration_refresh_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:611 +msgid "" +"Specifies how many seconds SSSD has to wait before refreshing its cache of " +"enumerated records." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 +msgid "Default: 300" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:622 +msgid "ldap_purge_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:625 +msgid "" +"Determine how often to check the cache for inactive entries (such as groups " +"with no members and users who have never logged in) and remove them to save " +"space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:631 +msgid "Setting this option to zero will disable the cache cleanup operation." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:635 +msgid "Default: 10800 (12 hours)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:641 +msgid "ldap_user_fullname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:644 +msgid "The LDAP attribute that corresponds to the user's full name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 +#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 +#: sssd-ipa.5.xml:422 +msgid "Default: cn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:654 +msgid "ldap_user_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:657 +msgid "The LDAP attribute that lists the user's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 +msgid "Default: memberOf" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:667 +msgid "ldap_user_authorized_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:670 +msgid "" +"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " +"use the presence of the authorizedService attribute in the user's LDAP entry " +"to determine access privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:677 +msgid "" +"An explicit deny (!svc) is resolved first. Second, SSSD searches for " +"explicit allow (svc) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:682 +msgid "Default: authorizedService" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:688 +msgid "ldap_user_authorized_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:691 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:697 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:702 +msgid "Default: host" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:708 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:711 +msgid "The object class of a group entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:714 +msgid "Default: posixGroup" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:720 +msgid "ldap_group_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:723 +msgid "The LDAP attribute that corresponds to the group name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:733 +msgid "ldap_group_gid_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:736 +msgid "The LDAP attribute that corresponds to the group's id." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:746 +msgid "ldap_group_member (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:749 +msgid "The LDAP attribute that contains the names of the group's members." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:753 +msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:759 +msgid "ldap_group_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:762 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:772 +msgid "ldap_group_modify_timestamp (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:785 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:788 +msgid "" +"If ldap_schema is set to a schema format that supports nested groups (e.g. " +"RFC2307bis), then this option controls how many levels of nesting SSSD will " +"follow. This option has no effect on the RFC2307 schema." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:795 +msgid "Default: 2" +msgstr "Пешфарз: 2" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:801 +msgid "ldap_netgroup_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:804 +msgid "The object class of a netgroup entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:807 +msgid "In IPA provider, ipa_netgroup_object_class should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:811 +msgid "Default: nisNetgroup" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:817 +msgid "ldap_netgroup_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:820 +msgid "The LDAP attribute that corresponds to the netgroup name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:824 +msgid "In IPA provider, ipa_netgroup_name should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:834 +msgid "ldap_netgroup_member (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:837 +msgid "The LDAP attribute that contains the names of the netgroup's members." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:841 +msgid "In IPA provider, ipa_netgroup_member should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:845 +msgid "Default: memberNisNetgroup" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:851 +msgid "ldap_netgroup_triple (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:854 +msgid "" +"The LDAP attribute that contains the (host, user, domain) netgroup triples." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 +msgid "This option is not available in IPA provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:861 +msgid "Default: nisNetgroupTriple" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:867 +msgid "ldap_netgroup_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:870 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:874 +msgid "In IPA provider, ipa_netgroup_uuid should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:884 +msgid "ldap_netgroup_modify_timestamp (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:900 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:903 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:906 +msgid "Default: ipService" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:912 +msgid "ldap_service_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:915 +msgid "" +"The LDAP attribute that contains the name of service attributes and their " +"aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:925 +msgid "ldap_service_port (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:928 +msgid "The LDAP attribute that contains the port managed by this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:932 +msgid "Default: ipServicePort" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:938 +msgid "ldap_service_proto (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:941 +msgid "" +"The LDAP attribute that contains the protocols understood by this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:945 +msgid "Default: ipServiceProtocol" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:951 +msgid "ldap_service_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:954 +msgid "An optional base DN to restrict service searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 +#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 +#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 +#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:970 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:973 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " +"before they are cancelled and cached results are returned (and offline mode " +"is entered)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:979 +msgid "" +"Note: this option is subject to change in future versions of the SSSD. It " +"will likely be replaced at some point by a series of timeouts for specific " +"lookup types." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 +msgid "Default: 6" +msgstr "Пешфарз: 6" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:991 +msgid "ldap_enumeration_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:994 +msgid "" +"Specifies the timeout (in seconds) that ldap searches for user and group " +"enumerations are allowed to run before they are cancelled and cached results " +"are returned (and offline mode is entered)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1001 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1007 +msgid "ldap_network_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1010 +msgid "" +"Specifies the timeout (in seconds) after which the <citerefentry> " +"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" +"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" +"manvolnum> </citerefentry> following a <citerefentry> " +"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" +"citerefentry> returns in case of no activity." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1033 +msgid "ldap_opt_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1036 +msgid "" +"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " +"will abort if no response is received. Also controls the timeout when " +"communicating with the KDC in case of SASL bind." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1048 +msgid "ldap_connection_expire_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1051 +msgid "" +"Specifies a timeout (in seconds) that a connection to an LDAP server will be " +"maintained. After this time, the connection will be re-established. If used " +"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " +"the TGT lifetime) will be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1059 +msgid "Default: 900 (15 minutes)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1065 +msgid "ldap_page_size (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1068 +msgid "" +"Specify the number of records to retrieve from LDAP in a single request. " +"Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1073 +msgid "Default: 1000" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1079 +msgid "ldap_disable_paging" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1082 +msgid "" +"Disable the LDAP paging control. This option should be used if the LDAP " +"server reports that it supports the LDAP paging control in its RootDSE but " +"it is not enabled or does not behave properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1088 +msgid "" +"Example: OpenLDAP servers with the paging control module installed on the " +"server but not enabled will report it in the RootDSE but be unable to use it." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1094 +msgid "" +"Example: 389 DS has a bug where it can only support a one paging control at " +"a time on a single connection. On busy clients, this can result in some " +"requests being denied." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1103 +msgid "ldap_deref_threshold (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1106 +msgid "" +"Specify the number of group members that must be missing from the internal " +"cache in order to trigger a dereference lookup. If less members are missing, " +"they are looked up individually." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1112 +msgid "" +"You can turn off dereference lookups completely by setting the value to 0." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1116 +msgid "" +"A dereference lookup is a means of fetching all group members in a single " +"LDAP call. Different LDAP servers may implement different dereference " +"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " +"Directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1124 +msgid "" +"<emphasis>Note:</emphasis> If any of the search bases specifies a search " +"filter, then the dereference lookup performance enhancement will be disabled " +"regardless of this setting." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1137 +msgid "ldap_tls_reqcert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1140 +msgid "" +"Specifies what checks to perform on server certificates in a TLS session, if " +"any. It can be specified as one of the following values:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1146 +msgid "" +"<emphasis>never</emphasis> = The client will not request or check any server " +"certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1150 +msgid "" +"<emphasis>allow</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate " +"is provided, it will be ignored and the session proceeds normally." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1157 +msgid "" +"<emphasis>try</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate " +"is provided, the session is immediately terminated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1163 +msgid "" +"<emphasis>demand</emphasis> = The server certificate is requested. If no " +"certificate is provided, or a bad certificate is provided, the session is " +"immediately terminated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1169 +msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1173 +msgid "Default: hard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1179 +msgid "ldap_tls_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1182 +msgid "" +"Specifies the file that contains certificates for all of the Certificate " +"Authorities that <command>sssd</command> will recognize." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 +msgid "" +"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." +"conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1194 +msgid "ldap_tls_cacertdir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1197 +msgid "" +"Specifies the path of a directory that contains Certificate Authority " +"certificates in separate individual files. Typically the file names need to " +"be the hash of the certificate followed by '.0'. If available, " +"<command>cacertdir_rehash</command> can be used to create the correct names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1212 +msgid "ldap_tls_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1215 +msgid "Specifies the file that contains the certificate for the client's key." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 +#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 +msgid "Default: not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1225 +msgid "ldap_tls_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1228 +msgid "Specifies the file that contains the client's key." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1237 +msgid "ldap_tls_cipher_suite (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1240 +msgid "" +"Specifies acceptable cipher suites. Typically this is a colon sperated " +"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1253 +msgid "ldap_id_use_start_tls (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1256 +msgid "" +"Specifies that the id_provider connection must also use <systemitem class=" +"\"protocol\">tls</systemitem> to protect the channel." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1266 +msgid "ldap_sasl_mech (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1269 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +"supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 +msgid "Default: none" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1279 +msgid "ldap_sasl_authid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1282 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI is used, this " +"represents the Kerberos principal used for authentication to the directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1287 +msgid "Default: host/machine.fqdn@REALM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1293 +msgid "ldap_sasl_canonicalize (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1296 +msgid "" +"If set to true, the LDAP library would perform a reverse lookup to " +"canonicalize the host name during a SASL bind." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1301 +msgid "Default: false;" +msgstr "Пешфарз: false;" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1307 +msgid "ldap_krb5_keytab (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1310 +msgid "Specify the keytab to use when using SASL/GSSAPI." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1313 +msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1319 +msgid "ldap_krb5_init_creds (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1322 +msgid "" +"Specifies that the id_provider should init Kerberos credentials (TGT). This " +"action is performed only if SASL is used and the mechanism selected is " +"GSSAPI." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1334 +msgid "ldap_krb5_ticket_lifetime (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1337 +msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1341 +msgid "Default: 86400 (24 hours)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 +msgid "krb5_server (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 +msgid "" +"Specifies the comma-separated list of IP addresses or hostnames of the " +"Kerberos servers to which SSSD should connect in the order of preference. " +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. An optional port number (preceded by a " +"colon) may be appended to the addresses or hostnames. If empty, service " +"discovery is enabled - for more information, refer to the <quote>SERVICE " +"DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 +msgid "" +"When using service discovery for KDC or kpasswd servers, SSSD first searches " +"for DNS entries that specify _udp as the protocol and falls back to _tcp if " +"none are found." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 +msgid "" +"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " +"While the legacy name is recognized for the time being, users are advised to " +"migrate their config files to use <quote>krb5_server</quote> instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 +msgid "krb5_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1379 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1382 +msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 +msgid "krb5_canonicalize (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1391 +msgid "" +"Specifies if the host principal should be canonicalized when connecting to " +"LDAP server. This feature is available with MIT Kerberos >= 1.7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1403 +msgid "ldap_pwd_policy (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1406 +msgid "" +"Select the policy to evaluate the password expiration on the client side. " +"The following values are allowed:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1411 +msgid "" +"<emphasis>none</emphasis> - No evaluation on the client side. This option " +"cannot disable server-side password policies." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1416 +msgid "" +"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " +"evaluate if the password has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1422 +msgid "" +"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " +"to determine if the password has expired. Use chpass_provider=krb5 to update " +"these attributes when the password is changed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1434 +msgid "ldap_referrals (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1437 +msgid "Specifies whether automatic referral chasing should be enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "" +"Please note that sssd only supports referral chasing when it is compiled " +"with OpenLDAP version 2.4.13 or higher." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1452 +msgid "ldap_dns_service_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1455 +msgid "Specifies the service name to use when service discovery is enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1459 +msgid "Default: ldap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1465 +msgid "ldap_chpass_dns_service_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1468 +msgid "" +"Specifies the service name to use to find an LDAP server which allows " +"password changes when service discovery is enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1473 +msgid "Default: not set, i.e. service discovery is disabled" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1479 +msgid "ldap_access_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1482 +msgid "" +"If using access_provider = ldap, this option is mandatory. It specifies an " +"LDAP search filter criteria that must be met for the user to be granted " +"access on this host. If access_provider = ldap and this option is not set, " +"it will result in all users being denied access. Use access_provider = allow " +"to change this default behavior." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 +msgid "Example:" +msgstr "Намуна:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1495 +#, no-wrap +msgid "" +"access_provider = ldap\n" +"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1499 +msgid "" +"This example means that access to this host is restricted to members of the " +"\"allowedusers\" group in ldap." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1504 +msgid "" +"Offline caching for this feature is limited to determining whether the " +"user's last online login was granted access permission. If they were granted " +"access during their last login, they will continue to be granted access " +"while offline and vice-versa." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 +msgid "Default: Empty" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1518 +msgid "ldap_account_expire_policy (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1521 +msgid "" +"With this option a client side evaluation of access control attributes can " +"be enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1525 +msgid "" +"Please note that it is always recommended to use server side access control, " +"i.e. the LDAP server should deny the bind request with a suitable error code " +"even if the password is correct." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1532 +msgid "The following values are allowed:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1535 +msgid "" +"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " +"determine if the account is expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1540 +msgid "" +"<emphasis>ad</emphasis>: use the value of the 32bit field " +"ldap_user_ad_user_account_control and allow access if the second bit is not " +"set. If the attribute is missing access is granted. Also the expiration time " +"of the account is checked." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1547 +msgid "" +"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" +"emphasis>: use the value of ldap_ns_account_lock to check if access is " +"allowed or not." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1553 +msgid "" +"<emphasis>nds</emphasis>: the values of " +"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " +"ldap_user_nds_login_expiration_time are used to check if access is allowed. " +"If both attributes are missing access is granted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1568 +msgid "ldap_access_order (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1571 +msgid "Comma separated list of access control options. Allowed values are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1575 +msgid "<emphasis>filter</emphasis>: use ldap_access_filter" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1578 +msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "" +"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " +"to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1587 +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1591 +msgid "Default: filter" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1594 +msgid "" +"Please note that it is a configuration error if a value is used more than " +"once." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1601 +msgid "ldap_deref (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1604 +msgid "" +"Specifies how alias dereferencing is done when performing a search. The " +"following options are allowed:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1609 +msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1613 +msgid "" +"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " +"the base object, but not in locating the base object of the search." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1618 +msgid "" +"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " +"the base object of the search." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1623 +msgid "" +"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " +"in locating the base object of the search." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1628 +msgid "" +"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " +"client libraries)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:51 +msgid "" +"All of the common configuration options that apply to SSSD domains also " +"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " +"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for full details. <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1639 +msgid "SUDO OPTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1644 +msgid "ldap_sudorule_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1647 +msgid "The object class of a sudo rule entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1650 +msgid "Default: sudoRole" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1656 +msgid "ldap_sudorule_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1659 +msgid "The LDAP attribute that corresponds to the sudo rule name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1669 +msgid "ldap_sudorule_command (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1672 +msgid "The LDAP attribute that corresponds to the command name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1676 +msgid "Default: sudoCommand" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1682 +msgid "ldap_sudorule_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1685 +msgid "" +"The LDAP attribute that corresponds to the host name (or host IP address, " +"host IP network, or host netgroup)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1690 +msgid "Default: sudoHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1696 +msgid "ldap_sudorule_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1699 +msgid "" +"The LDAP attribute that corresponds to the user name (or UID, group name or " +"user's netgroup)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1703 +msgid "Default: sudoUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1709 +msgid "ldap_sudorule_option (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1712 +msgid "The LDAP attribute that corresponds to the sudo options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1716 +msgid "Default: sudoOption" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1722 +msgid "ldap_sudorule_runasuser (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1725 +msgid "" +"The LDAP attribute that corresponds to the user name that commands may be " +"run as." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1729 +msgid "Default: sudoRunAsUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1735 +msgid "ldap_sudorule_runasgroup (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1738 +msgid "" +"The LDAP attribute that corresponds to the group name or group GID that " +"commands may be run as." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1742 +msgid "Default: sudoRunAsGroup" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1748 +msgid "ldap_sudorule_notbefore (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1751 +msgid "" +"The LDAP attribute that corresponds to the start date/time for when the sudo " +"rule is valid." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1755 +msgid "Default: sudoNotBefore" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1761 +msgid "ldap_sudorule_notafter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1764 +msgid "" +"The LDAP attribute that corresponds to the expiration date/time, after which " +"the sudo rule will no longer be valid." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1769 +msgid "Default: sudoNotAfter" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1775 +msgid "ldap_sudorule_order (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1778 +msgid "The LDAP attribute that corresponds to the ordering index of the rule." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1782 +msgid "Default: sudoOrder" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1788 +msgid "ldap_sudo_refresh_enabled (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1791 +msgid "" +"Enables periodical download of all sudo rules. The cache is purged before " +"each update." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1801 +msgid "ldap_sudo_refresh_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1804 +msgid "" +"How many seconds SSSD has to wait before refreshing its cache of sudo rules." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1642 +msgid "<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1815 +msgid "" +"This manual page only describes attribute name mapping. For detailed " +"explanation of sudo related attribute semantics, see <citerefentry> " +"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1825 +msgid "AUTOFS OPTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1827 +msgid "" +"Please note that the default values correspond to the default schema which " +"is RFC2307." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1834 +msgid "ldap_autofs_map_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 +msgid "The object class of an automount map entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 +msgid "Default: automountMap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1847 +msgid "ldap_autofs_map_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1850 +msgid "The name of an automount map entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1853 +msgid "Default: ou" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1860 +msgid "ldap_autofs_entry_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1874 +msgid "ldap_autofs_entry_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 +msgid "" +"The key of an automount entry in LDAP. The entry usually corresponds to a " +"mount point." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1888 +msgid "ldap_autofs_entry_value (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1895 +msgid "Default: automountInformation" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1832 +msgid "" +"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" +"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " +"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" +"\"variablelist\" id=\"4\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1904 +msgid "ADVANCED OPTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1911 +msgid "ldap_netgroup_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1914 +msgid "" +"An optional base DN to restrict netgroup searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1930 +msgid "ldap_user_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1933 +msgid "An optional base DN to restrict user searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1949 +msgid "ldap_group_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1952 +msgid "An optional base DN to restrict group searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1968 +msgid "ldap_user_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1971 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1975 +msgid "" +"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " +"by ldap_user_search_base." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1985 +#, no-wrap +msgid "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1988 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1995 +msgid "ldap_group_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1998 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2002 +msgid "" +"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " +"by ldap_group_search_base." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2012 +msgid "ldap_sudo_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2015 +msgid "" +"An optional base DN to restrict sudo rules searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2034 +msgid "ldap_autofs_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2037 +msgid "" +"An optional base DN to restrict automounter searches to a specific subtree." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1906 +msgid "" +"These options are supported by LDAP domains, but they should be used with " +"caution. Please include them in your configuration only if you know what you " +"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2066 +msgid "" +"The following example assumes that SSSD is correctly configured and LDAP is " +"set to one of the domains in the <replaceable>[domains]</replaceable> " +"section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ldap.5.xml:2072 +#, no-wrap +msgid "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mydomain.org\n" +" ldap_search_base = dc=mydomain,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 +#: sssd-krb5.5.xml:441 +msgid "<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 +msgid "NOTES" +msgstr "ЭЗОҲҲО" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2087 +msgid "" +"The descriptions of some of the configuration options in this manual page " +"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " +"distribution." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2098 +msgid "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <refentryinfo> +#: pam_sss.8.xml:8 include/upstream.xml:2 +msgid "" +"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" +"fedorahosted.org/sssd</orgname>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: pam_sss.8.xml:13 pam_sss.8.xml:18 +msgid "pam_sss" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: pam_sss.8.xml:19 +msgid "PAM module for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: pam_sss.8.xml:24 +msgid "" +"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" +"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" +"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:45 +msgid "" +"<command>pam_sss.so</command> is the PAM interface to the System Security " +"Services daemon (SSSD). Errors and results are logged through <command>syslog" +"(3)</command> with the LOG_AUTHPRIV facility." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:55 +msgid "<option>quiet</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:58 +msgid "Suppress log messages for unknown users." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:63 +msgid "<option>forward_pass</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:66 +msgid "" +"If <option>forward_pass</option> is set the entered password is put on the " +"stack for other PAM modules to use." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:73 +msgid "<option>use_first_pass</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:76 +msgid "" +"The argument use_first_pass forces the module to use a previous stacked " +"modules password and will never prompt the user - if no password is " +"available or the password is not appropriate, the user will be denied access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:84 +msgid "<option>use_authtok</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:87 +msgid "" +"When password changing enforce the module to set the new password to the one " +"provided by a previously stacked password module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:94 +msgid "<option>retry=N</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:97 +msgid "" +"If specified the user is asked another N times for a password if " +"authentication fails. Default is 0." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:99 +msgid "" +"Please note that this option might not work as expected if the application " +"calling PAM handles the user dialog on its own. A typical example is " +"<command>sshd</command> with <option>PasswordAuthentication</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:110 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:111 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:117 +msgid "FILES" +msgstr "ФАЙЛҲО" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:118 +msgid "" +"If a password reset by root fails, because the corresponding SSSD provider " +"does not support password resets, an individual message can be displayed. " +"This message can e.g. contain instructions about how to reset a password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:123 +msgid "" +"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" +"filename> where LOC stands for a locale string returned by <citerefentry> " +"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" +"citerefentry>. If there is no matching file the content of " +"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " +"the owner of the files and only root may have read and write permissions " +"while all other users must have only read permissions." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:133 +msgid "" +"These files are searched in the directory <filename>/etc/sssd/customize/" +"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " +"displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:141 +msgid "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 +msgid "sssd_krb5_locator_plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:22 +msgid "" +"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " +"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " +"libraries what Realm and which KDC to use. Typically this is done in " +"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " +"To simplify the configuration the Realm and the KDC can be defined in " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> as described in <citerefentry> " +"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:48 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry> puts the Realm and the name or IP address of the KDC into " +"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " +"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " +"libraries it reads and evaluates these variables and returns them to the " +"libraries." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:63 +msgid "" +"Not all Kerberos implementations support the use of plugins. If " +"<command>sssd_krb5_locator_plugin</command> is not available on your system " +"you have to edit /etc/krb5.conf to reflect your Kerberos setup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:69 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " +"debug messages will be sent to stderr." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:77 +msgid "" +"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 +msgid "sssd-simple" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd-simple.5.xml:17 +msgid "the configuration file for SSSD's 'simple' access-control provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:24 +msgid "" +"This manual page describes the configuration of the simple access-control " +"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " +"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:38 +msgid "" +"The simple access provider grants or denies access based on an access or " +"deny list of user or group names. The following rules apply:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:43 +msgid "If all lists are empty, access is granted" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:47 +msgid "" +"If any list is provided, the order of evaluation is allow,deny. This means " +"that any matching deny rule will supersede any matched allow rule." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:54 +msgid "" +"If either or both \"allow\" lists are provided, all users are denied unless " +"they appear in the list." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:60 +msgid "" +"If only \"deny\" lists are provided, all users are granted access unless " +"they appear in the list." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:78 +msgid "simple_allow_users (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:81 +msgid "Comma separated list of users who are allowed to log in." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:88 +msgid "simple_deny_users (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:91 +msgid "Comma separated list of users who are explicitly denied access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:97 +msgid "simple_allow_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:100 +msgid "" +"Comma separated list of groups that are allowed to log in. This applies only " +"to groups within this SSSD domain. Local groups are not evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:108 +msgid "simple_deny_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:111 +msgid "" +"Comma separated list of groups that are explicitly denied access. This " +"applies only to groups within this SSSD domain. Local groups are not " +"evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 +msgid "" +"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> manual page for details on the configuration of an SSSD " +"domain. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:120 +msgid "" +"Please note that it is an configuration error if both, simple_allow_users " +"and simple_deny_users, are defined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:128 +msgid "" +"The following example assumes that SSSD is correctly configured and example." +"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " +"This examples shows only the simple access provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-simple.5.xml:135 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" access_provider = simple\n" +" simple_allow_users = user1, user2\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:145 +msgid "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 +msgid "sssd-ipa" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:23 +msgid "" +"This manual page describes the configuration of the IPA provider for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " +"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:36 +msgid "" +"The IPA provider is a back end used to connect to an IPA server. (Refer to " +"the freeipa.org web site for information about IPA servers.) This provider " +"requires that the machine be joined to the IPA domain; configuration is " +"almost entirely self-discovered and obtained directly from the server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:43 +msgid "" +"The IPA provider accepts the same options used by the <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " +"provider with some exceptions described below." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:55 +msgid "" +"However, it is neither necessary nor recommended to set these options. IPA " +"provider can also be used as an access and chpass provider. As an access " +"provider it uses HBAC (host-based access control) rules. Please refer to " +"freeipa.org for more information about HBAC. No configuration of access " +"provider is required on the client side." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:72 +msgid "ipa_domain (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:75 +msgid "" +"Specifies the name of the IPA domain. This is optional. If not provided, " +"the configuration domain name is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:83 +msgid "ipa_server (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:86 +msgid "" +"The comma-separated list of IP addresses or hostnames of the IPA servers to " +"which SSSD should connect in the order of preference. For more information " +"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " +"This is optional if autodiscovery is enabled. For more information on " +"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:99 +msgid "ipa_hostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:102 +msgid "" +"Optional. May be set on machines where the hostname(5) does not reflect the " +"fully qualified name used in the IPA domain to identify this host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:110 +msgid "ipa_dyndns_update (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:113 +msgid "" +"Optional. This option tells SSSD to automatically update the DNS server " +"built into FreeIPA v2 with the IP address of this client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:118 +msgid "" +"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " +"the default Kerberos realm must be set properly in /etc/krb5.conf" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:129 +msgid "ipa_dyndns_iface (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:132 +msgid "" +"Optional. Applicable only when ipa_dyndns_update is true. Choose the " +"interface whose IP address should be used for dynamic DNS updates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:137 +msgid "Default: Use the IP address of the IPA LDAP connection" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:143 +msgid "ipa_hbac_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:146 +msgid "Optional. Use the given string as search base for HBAC related objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:150 +msgid "Default: Use base DN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:156 +msgid "ipa_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:159 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:168 +msgid "" +"If filter is given in any of search bases and " +"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " +"will be ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:180 +msgid "ipa_selinux_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:183 +msgid "Optional. Use the given string as search base for SELinux user maps." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 +msgid "krb5_validate (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 +msgid "" +"Verify with the help of krb5_keytab that the TGT obtained has not been " +"spoofed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:209 +msgid "" +"Note that this default differs from the traditional Kerberos provider back " +"end." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:219 +msgid "" +"The name of the Kerberos realm. This is optional and defaults to the value " +"of <quote>ipa_domain</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:223 +msgid "" +"The name of the Kerberos realm has a special meaning in IPA - it is " +"converted into the base DN to use for performing LDAP operations." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:234 +msgid "" +"Specifies if the host and user principal should be canonicalized when " +"connecting to IPA LDAP and also for AS requests. This feature is available " +"with MIT Kerberos >= 1.7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:247 +msgid "ipa_hbac_refresh (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:250 +msgid "" +"The amount of time between lookups of the HBAC rules against the IPA server. " +"This will reduce the latency and load on the IPA server if there are many " +"access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:257 +msgid "Default: 5 (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:262 +msgid "ipa_hbac_treat_deny_as (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:265 +msgid "" +"This option specifies how to treat the deprecated DENY-type HBAC rules. As " +"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " +"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " +"client will support two modes of operation during this transition period:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:274 +msgid "" +"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " +"users will be denied access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:279 +msgid "" +"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " +"careful with this option, as it may result in opening unintended access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:284 +msgid "Default: DENY_ALL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:289 +msgid "ipa_hbac_support_srchost (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:292 +msgid "" +"If this is set to false, then srchost as given to SSSD by PAM will be " +"ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:296 +msgid "" +"Note that if set to <emphasis>False</emphasis>, this option casuses filters " +"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:307 +msgid "ipa_automount_location (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:310 +msgid "The automounter location this IPA client will be using" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:313 +msgid "Default: The location named \"default\"" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:319 +msgid "ipa_netgroup_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:322 +msgid "The LDAP attribute that lists netgroup's memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:331 +msgid "ipa_netgroup_member_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 +msgid "" +"The LDAP attribute that lists system users and groups that are direct " +"members of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 +msgid "Default: memberUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:344 +msgid "ipa_netgroup_member_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:347 +msgid "" +"The LDAP attribute that lists hosts and host groups that are direct members " +"of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 +msgid "Default: memberHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:356 +msgid "ipa_netgroup_member_ext_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:359 +msgid "" +"The LDAP attribute that lists FQDNs of hosts and host groups that are " +"members of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:363 +msgid "Default: externalHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:368 +msgid "ipa_netgroup_domain (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:371 +msgid "The LDAP attribute that contains NIS domain name of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:375 +msgid "Default: nisDomainName" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:381 +msgid "ipa_host_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 +msgid "The object class of a host entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 +msgid "Default: ipaHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:392 +msgid "ipa_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:395 +msgid "The LDAP attribute that contains FQDN of the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:398 +msgid "Default: fqdn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:404 +msgid "ipa_selinux_usermap_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:415 +msgid "ipa_selinux_usermap_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:418 +msgid "The LDAP attribute that contains the name of SELinux usermap." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:427 +msgid "ipa_selinux_usermap_member_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:430 +msgid "" +"The LDAP attribute that contains all users / groups this rule match against." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:439 +msgid "ipa_selinux_usermap_member_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:442 +msgid "" +"The LDAP attribute that contains all hosts / hostgroups this rule match " +"against." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:451 +msgid "ipa_selinux_usermap_see_also (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:454 +msgid "" +"The LDAP attribute that contains DN of HBAC rule which can be used for " +"matching instead of memberUser and memberHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:459 +msgid "Default: seeAlso" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:464 +msgid "ipa_selinux_usermap_selinux_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:467 +msgid "The LDAP attribute that contains SELinux user string itself." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:471 +msgid "Default: ipaSELinuxUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:476 +msgid "ipa_selinux_usermap_enabled (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:479 +msgid "" +"The LDAP attribute that contains whether or not is user map enabled for " +"usage." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:483 +msgid "Default: ipaEnabledFlag" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:488 +msgid "ipa_selinux_usermap_user_category (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:491 +msgid "The LDAP attribute that contains user category such as 'all'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:495 +msgid "Default: userCategory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:500 +msgid "ipa_selinux_usermap_host_category (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:503 +msgid "The LDAP attribute that contains host category such as 'all'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:507 +msgid "Default: hostCategory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:512 +msgid "ipa_selinux_usermap_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:515 +msgid "The LDAP attribute that contains unique ID of the user map." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:519 +msgid "Default: ipaUniqueID" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:524 +msgid "ipa_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:527 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:531 +msgid "Default: ipaSshPubKey" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:546 +msgid "" +"The following example assumes that SSSD is correctly configured and example." +"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " +"This examples shows only the ipa provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ipa.5.xml:553 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.example.com\n" +" ipa_hostname = myhost.example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:564 +msgid "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sssd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.8.xml:10 sssd.8.xml:15 +msgid "sssd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.8.xml:16 +msgid "System Security Services Daemon" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sssd.8.xml:21 +msgid "" +"<command>sssd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:31 +msgid "" +"<command>SSSD</command> provides a set of daemons to manage access to remote " +"directories and authentication mechanisms. It provides an NSS and PAM " +"interface toward the system and a pluggable backend system to connect to " +"multiple different account sources as well as D-Bus interface. It is also " +"the basis to provide client auditing and policy services for projects like " +"FreeIPA. It provides a more robust database to store local users as well as " +"extended user data." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:46 +msgid "" +"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:53 +msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:57 +msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:60 +msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:69 +msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:73 +msgid "" +"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:76 +msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:79 +msgid "Default: 0" +msgstr "Пешфарз: 0" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:85 +msgid "<option>-f</option>,<option>--debug-to-files</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:89 +msgid "" +"Send the debug output to files instead of stderr. By default, the log files " +"are stored in <filename>/var/log/sssd</filename> and there are separate log " +"files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:97 +msgid "<option>-D</option>,<option>--daemon</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:101 +msgid "Become a daemon after starting up." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:107 +msgid "<option>-i</option>,<option>--interactive</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:111 +msgid "Run in the foreground, don't become a daemon." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 +msgid "<option>-c</option>,<option>--config</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 +msgid "" +"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." +"conf</filename>. For reference on the config file syntax and options, " +"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:135 +msgid "<option>--version</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:139 +msgid "Print version number and exit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.8.xml:147 +msgid "Signals" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:150 +msgid "SIGTERM/SIGINT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:153 +msgid "" +"Informs the SSSD to gracefully terminate all of its child processes and then " +"shut down the monitor." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:159 +msgid "SIGHUP" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:162 +msgid "" +"Tells the SSSD to stop writing to its current debug file descriptors and to " +"close and reopen them. This is meant to facilitate log rolling with programs " +"like logrotate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:170 +msgid "SIGUSR1" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:173 +msgid "" +"Tells the SSSD to simulate offline operation for one minute. This is mostly " +"useful for testing purposes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:179 +msgid "SIGUSR2" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:182 +msgid "" +"Tells the SSSD to go online immediately. This is mostly useful for testing " +"purposes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:193 +msgid "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 +msgid "sss_obfuscate" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_obfuscate.8.xml:16 +msgid "obfuscate a clear text password" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_obfuscate.8.xml:21 +msgid "" +"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:32 +msgid "" +"<command>sss_obfuscate</command> converts a given password into human-" +"unreadable format and places it into appropriate domain section of the SSSD " +"config file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:37 +msgid "" +"The cleartext password is read from standard input or entered " +"interactively. The obfuscated password is put into " +"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " +"<quote>ldap_default_authtok_type</quote> parameter is set to " +"<quote>obfuscated_password</quote>. Refer to <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more details on these parameters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:49 +msgid "" +"Please note that obfuscating the password provides <emphasis>no real " +"security benefit</emphasis> as it is still possible for an attacker to " +"reverse-engineer the password back. Using better authentication mechanisms " +"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " +"advised." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:63 +msgid "<option>-s</option>,<option>--stdin</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:67 +msgid "The password to obfuscate will be read from standard input." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:79 +msgid "" +"The SSSD domain to use the password in. The default name is <quote>default</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:86 +msgid "" +"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:91 +msgid "Read the config file specified by the positional parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:95 +msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:105 +msgid "" +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 +msgid "sss_useradd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_useradd.8.xml:16 +msgid "create a new user" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_useradd.8.xml:21 +msgid "" +"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:32 +msgid "" +"<command>sss_useradd</command> creates a new user account using the values " +"specified on the command line plus the default values from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:43 +msgid "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:48 +msgid "" +"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " +"not given, it is chosen automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 +msgid "" +"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 +msgid "" +"Any text string describing the user. Often used as the field for the user's " +"full name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 +msgid "" +"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:72 +msgid "" +"The home directory of the user account. The default is to append the " +"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " +"that as the home directory. The base that is prepended before " +"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" +"baseDirectory</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 +msgid "" +"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:87 +msgid "" +"The user's login shell. The default is currently <filename>/bin/bash</" +"filename>. The default can be changed with <quote>user_defaults/" +"defaultShell</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:96 +msgid "" +"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:101 +msgid "A list of existing groups this user is also a member of." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:107 +msgid "<option>-m</option>,<option>--create-home</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:111 +msgid "" +"Create the user's home directory if it does not exist. The files and " +"directories contained in the skeleton directory (which can be defined with " +"the -k option or in the config file) will be copied to the home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:121 +msgid "<option>-M</option>,<option>--no-create-home</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:125 +msgid "" +"Do not create the user's home directory. Overrides configuration settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:132 +msgid "" +"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:137 +msgid "" +"The skeleton directory, which contains files and directories to be copied in " +"the user's home directory, when the home directory is created by " +"<command>sss_useradd</command>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:143 +msgid "" +"This option is only valid if the <option>-m</option> (or <option>--create-" +"home</option>) option is specified, or creation of home directories is set " +"to TRUE in the configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 +msgid "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:157 +msgid "" +"The SELinux user for the user's login. If not specified, the system default " +"will be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:169 +msgid "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 +msgid "sssd-krb5" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:23 +msgid "" +"This manual page describes the configuration of the Kerberos 5 " +"authentication backend for <citerefentry> <refentrytitle>sssd</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " +"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " +"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:36 +msgid "" +"The Kerberos 5 authentication backend contains auth and chpass providers. It " +"must be paired with identity provider in order to function properly (for " +"example, id_provider = ldap). Some information required by the Kerberos 5 " +"authentication backend must be provided by the identity provider, such as " +"the user's Kerberos Principal Name (UPN). The configuration of the identity " +"provider should have an entry to specify the UPN. Please refer to the man " +"page for the applicable identity provider for details on how to configure " +"this." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:47 +msgid "" +"This backend also provides access control based on the .k5login file in the " +"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " +"Please note that an empty .k5login file will deny all access to this user. " +"To activate this feature use 'access_provider = krb5' in your sssd " +"configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:55 +msgid "" +"In the case where the UPN is not available in the identity backend " +"<command>sssd</command> will construct a UPN using the format " +"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:106 +msgid "" +"The name of the Kerberos realm. This option is required and must be " +"specified." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:113 +msgid "krb5_kpasswd (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:116 +msgid "" +"If the change password service is not running on the KDC alternative servers " +"can be defined here. An optional port number (preceded by a colon) may be " +"appended to the addresses or hostnames." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:122 +msgid "" +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. Please note that even if there are no more " +"kpasswd servers to try the back end is not switch to offline if " +"authentication against the KDC is still possible." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:129 +msgid "Default: Use the KDC" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:135 +msgid "krb5_ccachedir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:138 +msgid "" +"Directory to store credential caches. All the substitution sequences of " +"krb5_ccname_template can be used here, too, except %d and %P. If the " +"directory does not exist it will be created. If %u, %U, %p or %h are used a " +"private directory belonging to the user is created. Otherwise a public " +"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " +"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" +"citerefentry> for details) is created." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:151 +msgid "Default: /tmp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:157 +msgid "krb5_ccname_template (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:171 +msgid "login UID" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:174 +msgid "%p" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:175 +msgid "principal name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:179 +msgid "%r" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:180 +msgid "realm name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:183 +msgid "%h" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:184 +msgid "home directory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:189 +msgid "value of krb5ccache_dir" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:194 +msgid "%P" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:195 +msgid "the process ID of the sssd client" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:160 +msgid "" +"Location of the user's credential cache. Currently only file based " +"credential caches are supported. In the template the following sequences are " +"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " +"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " +"way." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:209 +msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:215 +msgid "krb5_auth_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:218 +msgid "" +"Timeout in seconds after an online authentication or change password request " +"is aborted. If possible the authentication request is continued offline." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:241 +msgid "krb5_keytab (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:244 +msgid "" +"The location of the keytab to use when validating credentials obtained from " +"KDCs." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:248 +msgid "Default: /etc/krb5.keytab" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:254 +msgid "krb5_store_password_if_offline (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:257 +msgid "" +"Store the password of the user if the provider is offline and use it to " +"request a TGT when the provider gets online again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:262 +msgid "" +"Please note that this feature currently only available on a Linux platform. " +"Passwords stored in this way are kept in plaintext in the kernel keyring and " +"are potentially accessible by the root user (with difficulty)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:275 +msgid "krb5_renewable_lifetime (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:278 +msgid "" +"Request a renewable ticket with a total lifetime given by an integer " +"immediately followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 +msgid "<emphasis>s</emphasis> seconds" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 +msgid "<emphasis>m</emphasis> minutes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 +msgid "<emphasis>h</emphasis> hours" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 +msgid "<emphasis>d</emphasis> days." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 +msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:299 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"renewable lifetime to one and a half hours please use '90m' instead of " +"'1h30m'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:305 +msgid "Default: not set, i.e. the TGT is not renewable" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:311 +msgid "krb5_lifetime (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:314 +msgid "" +"Request ticket with a with a lifetime given by an integer immediately " +"followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:335 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"lifetime to one and a half hours please use '90m' instead of '1h30m'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:340 +msgid "" +"Default: not set, i.e. the default ticket lifetime configured on the KDC." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:347 +msgid "krb5_renew_interval (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:350 +msgid "" +"The time in seconds between two checks if the TGT should be renewed. TGTs " +"are renewed if about half of their lifetime is exceeded." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:355 +msgid "If this option is not set or 0 the automatic renewal is disabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:365 +msgid "krb5_use_fast (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:368 +msgid "" +"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" +"authentication. The following options are supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:373 +msgid "" +"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " +"option at all." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:377 +msgid "" +"<emphasis>try</emphasis> to use FAST, if the server does not support fast " +"continue without." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:381 +msgid "" +"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " +"fast." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:385 +msgid "Default: not set, i.e. FAST is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:388 +msgid "Please note that a keytab is required to use fast." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:391 +msgid "" +"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " +"and above. If sssd used with an older version using this option is a " +"configuration error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:400 +msgid "krb5_fast_principal (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:403 +msgid "Specifies the server principal to use for FAST." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:412 +msgid "" +"Specifies if the host and user principal should be canonicalized. This " +"feature is available with MIT Kerberos >= 1.7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:65 +msgid "" +"If the auth-module krb5 is used in a SSSD domain, the following options must " +"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " +"SECTIONS</quote> for details on the configuration of a SSSD domain. " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:434 +msgid "" +"The following example assumes that SSSD is correctly configured and FOO is " +"one of the domains in the <replaceable>[sssd]</replaceable> section. This " +"example shows only configuration of Kerberos authentication, it does not " +"include any identity provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-krb5.5.xml:442 +#, no-wrap +msgid "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXAMPLE.COM\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:453 +msgid "" +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 +msgid "sss_groupadd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupadd.8.xml:16 +msgid "create a new group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupadd.8.xml:21 +msgid "" +"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:32 +msgid "" +"<command>sss_groupadd</command> creates a new group. These groups are " +"compatible with POSIX groups, with the additional feature that they can " +"contain other groups as members." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupadd.8.xml:43 +msgid "" +"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupadd.8.xml:48 +msgid "" +"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " +"not given, it is chosen automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:60 +msgid "" +"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 +msgid "sss_userdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_userdel.8.xml:16 +msgid "delete a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_userdel.8.xml:21 +msgid "" +"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:32 +msgid "" +"<command>sss_userdel</command> deletes a user identified by login name " +"<replaceable>LOGIN</replaceable> from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:44 +msgid "<option>-r</option>,<option>--remove</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:48 +msgid "" +"Files in the user's home directory will be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:56 +msgid "<option>-R</option>,<option>--no-remove</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:60 +msgid "" +"Files in the user's home directory will NOT be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:68 +msgid "<option>-f</option>,<option>--force</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:72 +msgid "" +"This option forces <command>sss_userdel</command> to remove the user's home " +"directory and mail spool, even if they are not owned by the specified user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:80 +msgid "<option>-k</option>,<option>--kick</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:84 +msgid "Before actually deleting the user, terminate all his processes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:95 +msgid "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 +msgid "sss_groupdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupdel.8.xml:16 +msgid "delete a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupdel.8.xml:21 +msgid "" +"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:32 +msgid "" +"<command>sss_groupdel</command> deletes a group identified by its name " +"<replaceable>GROUP</replaceable> from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:48 +msgid "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 +msgid "sss_groupshow" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupshow.8.xml:16 +msgid "print properties of a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupshow.8.xml:21 +msgid "" +"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:32 +msgid "" +"<command>sss_groupshow</command> displays information about a group " +"identified by its name <replaceable>GROUP</replaceable>. The information " +"includes the group ID number, members of the group and the parent group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupshow.8.xml:43 +msgid "<option>-R</option>,<option>--recursive</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupshow.8.xml:47 +msgid "" +"Also print indirect group members in a tree-like hierarchy. Note that this " +"also affects printing parent groups - without <option>R</option>, only the " +"direct parent will be printed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:60 +msgid "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 +msgid "sss_usermod" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_usermod.8.xml:16 +msgid "modify a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_usermod.8.xml:21 +msgid "" +"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:32 +msgid "" +"<command>sss_usermod</command> modifies the account specified by " +"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " +"on the command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:60 +msgid "The home directory of the user account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:71 +msgid "The user's login shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:82 +msgid "" +"Append this user to groups specified by the <replaceable>GROUPS</" +"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " +"a comma separated list of group names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:96 +msgid "" +"Remove this user from groups specified by the <replaceable>GROUPS</" +"replaceable> parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:103 +msgid "<option>-l</option>,<option>--lock</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:107 +msgid "Lock the user account. The user won't be able to log in." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:114 +msgid "<option>-u</option>,<option>--unlock</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:118 +msgid "Unlock the user account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:129 +msgid "The SELinux user for the user's login." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:140 +msgid "" +"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/service_discovery.xml:2 +msgid "SERVICE DISCOVERY" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/service_discovery.xml:4 +msgid "" +"The service discovery feature allows back ends to automatically find the " +"appropriate servers to connect to using a special DNS query." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:9 +msgid "Configuration" +msgstr "Ҷӯрсозӣ" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:11 +msgid "" +"If no servers are specified, the back end automatically uses service " +"discovery to try to find a server. Optionally, the user may choose to use " +"both fixed server addresses and service discovery by inserting a special " +"keyword, <quote>_srv_</quote>, in the list of servers. The order of " +"preference is maintained. This feature is useful if, for example, the user " +"prefers to use service discovery whenever possible, and fall back to a " +"specific server when no servers can be discovered using DNS." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:23 +msgid "The domain name" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:25 +msgid "" +"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for more details." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:35 +msgid "The protocol" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:37 +msgid "" +"The queries usually specify _tcp as the protocol. Exceptions are documented " +"in respective option description." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:42 +msgid "See Also" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:44 +msgid "" +"For more information on the service discovery mechanism, refer to RFC 2782." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/upstream.xml:1 +msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/failover.xml:2 +msgid "FAILOVER" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/failover.xml:4 +msgid "" +"The failover feature allows back ends to automatically switch to a different " +"server if the primary server fails." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:8 +msgid "Failover Syntax" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:10 +msgid "" +"The list of servers is given as a comma-separated list; any number of spaces " +"is allowed around the comma. The servers are listed in order of preference. " +"The list can contain any number of servers." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:17 +msgid "The Failover Mechanism" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:19 +msgid "" +"The failover mechanism distinguishes between a machine and a service. The " +"back end first tries to resolve the hostname of a given machine; if this " +"resolution attempt fails, the machine is considered offline. No further " +"attempts are made to connect to this machine for any other service. If the " +"resolution attempt succeeds, the back end tries to connect to a service on " +"this machine. If the service connection attempt fails, then only this " +"particular service is considered offline and the back end automatically " +"switches over to the next service. The machine is still considered online " +"and might still be tried for another service." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:32 +msgid "" +"Further connection attempts are made to machines or services marked as " +"offline after a specified period of time; this is currently hard coded to 30 " +"seconds." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:37 +msgid "" +"If there are no more machines to try, the back end as a whole switches to " +"offline mode, and then attempts to reconnect every 30 seconds." +msgstr "" + +#. type: Content of: <varlistentry><term> +#: include/param_help.xml:3 +msgid "<option>-h</option>,<option>--help</option>" +msgstr "" + +#. type: Content of: <varlistentry><listitem><para> +#: include/param_help.xml:7 +msgid "Display help message and exit." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" diff --git a/src/man/po/tr.po b/src/man/po/tr.po deleted file mode 100644 index 37f5e62bf..000000000 --- a/src/man/po/tr.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Turkish (http://www.transifex.net/projects/p/fedora/team/" -"tr/)\n" -"Language: tr\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/uk.po b/src/man/po/uk.po index 52bdf5c00..164047f7e 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -4,14 +4,14 @@ # # Translators: # sgallagh <sgallagh@redhat.com>, 2011. -# Yuri Chornoivan <yurchor@ukr.net>, 2011. +# Yuri Chornoivan <yurchor@ukr.net>, 2011, 2012. msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2011-12-21 10:12+0000\n" -"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" +"POT-Creation-Date: 2012-03-12 16:37-0300\n" +"PO-Revision-Date: 2012-03-12 20:08+0000\n" +"Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Ukrainian <trans-uk@lists.fedoraproject.org>\n" "Language: uk\n" "MIME-Version: 1.0\n" @@ -25,7 +25,9 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 #: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 #: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 +#: sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "Сторінки підручника SSSD" @@ -38,7 +40,8 @@ msgstr "sss_groupmod" #: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 #: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 #: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 msgid "8" msgstr "8" @@ -64,6 +67,8 @@ msgstr "" #: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 #: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 #: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#: sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "ОПИС" @@ -80,6 +85,8 @@ msgstr "" #: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 #: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 #: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 +#: sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "ПАРАМЕТРИ" @@ -122,12 +129,13 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1348 sssd-ldap.5.xml:2096 #: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 #: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 #: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 #: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 +#: sss_usermod.8.xml:138 sss_ssh_authorizedkeys.1.xml:96 +#: sss_ssh_knownhostsproxy.1.xml:95 msgid "SEE ALSO" msgstr "ТАКОЖ ПЕРЕГЛЯНЬТЕ" @@ -258,7 +266,7 @@ msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:70 sssd.conf.5.xml:1194 msgid "Section parameters" msgstr "Параметри розділу" @@ -294,6 +302,7 @@ msgstr "" msgid "" "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" msgstr "" +"Підтримувані служби: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:94 sssd.conf.5.xml:257 @@ -542,7 +551,7 @@ msgid "Add a timestamp to the debug messages" msgstr "Додати часову позначку до діагностичних повідомлень." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 +#: sssd.conf.5.xml:241 sssd.conf.5.xml:393 sssd-ldap.5.xml:1328 #: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 msgid "Default: true" msgstr "Типове значення: true" @@ -559,7 +568,7 @@ msgstr "" "Додати значення мікросекунд до часової позначки у діагностичних повідомленнях" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 +#: sssd.conf.5.xml:252 sssd.conf.5.xml:658 sssd-ldap.5.xml:602 #: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 #: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 #: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 @@ -568,11 +577,31 @@ msgstr "Типове значення: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:270 +msgid "fd_limit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:273 +msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:282 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:287 msgid "command (string)" msgstr "command (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 +#: sssd.conf.5.xml:290 msgid "" "By default, the executable representing this service is called <command>sssd_" "${service_name}</command>. This directive allows to change the executable " @@ -584,17 +613,17 @@ msgstr "" "файла служби. Здебільшого потреби у зміні типового значення не виникатиме." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 +#: sssd.conf.5.xml:298 msgid "Default: <command>sssd_${service_name}</command>" msgstr "Типове значення: <command>sssd_${назва_служби}</command>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 +#: sssd.conf.5.xml:306 msgid "NSS configuration options" msgstr "Параметри налаштування NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 +#: sssd.conf.5.xml:308 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -602,12 +631,12 @@ msgstr "" "Switch (NSS або перемикання служби визначення назв)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:313 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 +#: sssd.conf.5.xml:316 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -616,17 +645,17 @@ msgstr "" "кеші nss_sss у секундах" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 +#: sssd.conf.5.xml:320 msgid "Default: 120" msgstr "Типове значення: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 +#: sssd.conf.5.xml:325 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 +#: sssd.conf.5.xml:328 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -637,7 +666,7 @@ msgstr "" "entry_cache_timeout для домену період часу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 +#: sssd.conf.5.xml:334 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -652,7 +681,7 @@ msgstr "" "розблокування після оновлення кешу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 +#: sssd.conf.5.xml:344 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -666,17 +695,17 @@ msgstr "" "можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 +#: sssd.conf.5.xml:352 msgid "Default: 50" msgstr "Типове значення: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 +#: sssd.conf.5.xml:357 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:360 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -687,17 +716,17 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 +#: sssd.conf.5.xml:366 sssd.conf.5.xml:686 sssd-krb5.5.xml:223 msgid "Default: 15" msgstr "Типове значення: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 +#: sssd.conf.5.xml:371 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 +#: sssd.conf.5.xml:374 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " "particularly useful for system accounts. This option can also be set per-" @@ -711,17 +740,17 @@ msgstr "" "списку користувачами лише з певного домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 +#: sssd.conf.5.xml:381 msgid "Default: root" msgstr "Типове значення: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:386 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:389 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -729,62 +758,62 @@ msgstr "" "встановіть для цього параметра значення «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 +#: sssd.conf.5.xml:398 msgid "override_homedir (string)" msgstr "override_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 +#: sssd.conf.5.xml:407 sssd-krb5.5.xml:166 msgid "%u" msgstr "%u" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 +#: sssd.conf.5.xml:408 sssd-krb5.5.xml:167 msgid "login name" msgstr "ім'я користувача" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 +#: sssd.conf.5.xml:411 sssd-krb5.5.xml:170 msgid "%U" msgstr "%U" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 +#: sssd.conf.5.xml:412 msgid "UID number" msgstr "номер UID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 +#: sssd.conf.5.xml:415 sssd-krb5.5.xml:188 msgid "%d" msgstr "%d" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:416 msgid "domain name" msgstr "назва домену" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 +#: sssd.conf.5.xml:419 msgid "%f" msgstr "%f" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 +#: sssd.conf.5.xml:420 msgid "fully qualified user name (user@domain)" msgstr "ім’я користувача повністю (користувач@домен)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 +#: sssd.conf.5.xml:423 sssd-krb5.5.xml:200 msgid "%%" msgstr "%%" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 +#: sssd.conf.5.xml:424 sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "символ відсотків («%»)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 +#: sssd.conf.5.xml:401 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " @@ -795,18 +824,18 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 +#: sssd.conf.5.xml:430 msgid "This option can also be set per-domain." msgstr "" "Значення цього параметра можна встановлювати для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#: sssd.conf.5.xml:435 msgid "allowed_shells (string)" msgstr "allowed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#: sssd.conf.5.xml:438 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -814,13 +843,13 @@ msgstr "" "визначення оболонки є таким:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 +#: sssd.conf.5.xml:441 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 +#: sssd.conf.5.xml:445 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -830,7 +859,7 @@ msgstr "" "shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:450 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -839,12 +868,12 @@ msgstr "" "<quote>/etc/shells</quote>, буде використано оболонку nologin." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 +#: sssd.conf.5.xml:455 msgid "An empty string for shell is passed as-is to libc." msgstr "Порожній рядок оболонки буде передано без обробки до libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 +#: sssd.conf.5.xml:458 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -853,29 +882,29 @@ msgstr "" "тобто у разі встановлення нової оболонки слід перезапустити SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 +#: sssd.conf.5.xml:462 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Типове значення: не встановлено. Автоматично використовується оболонка " "користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 +#: sssd.conf.5.xml:467 msgid "vetoed_shells (string)" msgstr "vetoed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 +#: sssd.conf.5.xml:470 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Замінити всі записи цих оболонок на shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:475 msgid "shell_fallback (string)" msgstr "shell_fallback (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 +#: sssd.conf.5.xml:478 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -883,17 +912,17 @@ msgstr "" "системі не встановлено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 +#: sssd.conf.5.xml:482 msgid "Default: /bin/sh" msgstr "Типове значення: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 +#: sssd.conf.5.xml:489 msgid "PAM configuration options" msgstr "Параметри налаштування PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 +#: sssd.conf.5.xml:491 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -902,12 +931,12 @@ msgstr "" "Authentication Module (PAM або блокового модуля розпізнавання)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:496 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 +#: sssd.conf.5.xml:499 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -917,17 +946,17 @@ msgstr "" "входу до системи)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 +#: sssd.conf.5.xml:504 sssd.conf.5.xml:517 msgid "Default: 0 (No limit)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:510 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:513 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -936,12 +965,12 @@ msgstr "" "дозволену кількість спроб входу з визначенням помилкового пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 +#: sssd.conf.5.xml:523 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 +#: sssd.conf.5.xml:526 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -951,7 +980,7 @@ msgstr "" "системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 +#: sssd.conf.5.xml:531 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -963,17 +992,17 @@ msgstr "" "увімкнути можливість автономного розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:537 sssd.conf.5.xml:590 sssd.conf.5.xml:1110 msgid "Default: 5" msgstr "Типове значення: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 +#: sssd.conf.5.xml:543 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 +#: sssd.conf.5.xml:546 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -982,43 +1011,43 @@ msgstr "" "розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#: sssd.conf.5.xml:551 msgid "Currently sssd supports the following values:" msgstr "У поточній версії sssd передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 +#: sssd.conf.5.xml:554 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 +#: sssd.conf.5.xml:557 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 +#: sssd.conf.5.xml:561 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:564 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 +#: sssd.conf.5.xml:568 sssd.8.xml:63 msgid "Default: 1" msgstr "Типове значення: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 +#: sssd.conf.5.xml:573 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:576 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1029,7 +1058,7 @@ msgstr "" "що розпізнавання виконується на основі найсвіжіших даних." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 +#: sssd.conf.5.xml:582 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1043,18 +1072,18 @@ msgstr "" "надання даних профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 +#: sssd.conf.5.xml:596 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 +#: sssd.conf.5.xml:599 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 +#: sssd.conf.5.xml:602 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1065,133 +1094,116 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 +#: sssd.conf.5.xml:608 msgid "Default: 7" msgstr "Типове значення: 7" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -#, fuzzy -#| msgid "NSS configuration options" +#: sssd.conf.5.xml:616 msgid "SUDO configuration options" -msgstr "Параметри налаштування NSS" +msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -#, fuzzy -#| msgid "These options can be used to configure any service." +#: sssd.conf.5.xml:618 msgid "These options can be used to configure the sudo service." -msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб." +msgstr "Цими параметрами можна скористатися для налаштування служби sudo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -#, fuzzy -#| msgid "enum_cache_timeout (integer)" +#: sssd.conf.5.xml:625 msgid "sudo_cache_timeout (integer)" -msgstr "enum_cache_timeout (ціле число)" +msgstr "sudo_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -#, fuzzy -#| msgid "" -#| "For any PAM request while SSSD is online, the SSSD will attempt to " -#| "immediately update the cached identity information for the user in order " -#| "to ensure that authentication takes place with the latest information." +#: sssd.conf.5.xml:628 msgid "" "For any sudo request that comes while SSSD is online, the SSSD will attempt " "to update the cached rules in order to ensure that sudo has the latest " "ruleset." msgstr "" -"Для кожного з запитів PAM під час роботи SSSD система SSSD зробить спробу " -"негайно оновити кешовані дані щодо профілю користувача з метою переконатися, " -"що розпізнавання виконується на основі найсвіжіших даних." +"У відповідь на кожен запит до sudo, який надходить протягом часу роботи " +"SSSD, SSSD намагатиметься оновити кешовані правила з метою забезпечення " +"використання у sudo найсвіжішого набору правил." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:634 msgid "" "The user may, however, run a couple of sudo commands successively, which " "would trigger multiple LDAP requests. In order to speed up this use-case, " "the sudo service maintains an in-memory cache that would be used for " "performing fast replies." msgstr "" +"Втім, користувач може віддати декілька послідовних команд sudo, спроба " +"виконання яких призведе до одночасного надсилання декількох запитів до LDAP. " +"У такому разі з метою пришвидшення обробки служба sudo користуватиметься " +"кешем у пам’яті, який використовуватиметься для формування швидких " +"відповідей." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:641 msgid "" "This option controls how long (in seconds) can the sudo service cache rules " "for a user." msgstr "" +"За допомогою цього параметра можна визначити тривалість (у секундах) " +"зберігання службою sudo паролів у кеші." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -#, fuzzy -#| msgid "Default: 10" +#: sssd.conf.5.xml:645 msgid "Default: 180" -msgstr "Типове значення: 10" +msgstr "Типове значення: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -#, fuzzy -#| msgid "debug_timestamps (bool)" +#: sssd.conf.5.xml:650 msgid "sudo_timed (bool)" -msgstr "debug_timestamps (булеве значення)" +msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 +#: sssd.conf.5.xml:653 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" +"Визначає, чи слід обробляти атрибути sudoNotBefore і sudoNotAfter, " +"призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -#, fuzzy -#| msgid "NSS configuration options" +#: sssd.conf.5.xml:666 msgid "AUTOFS configuration options" -msgstr "Параметри налаштування NSS" +msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -#, fuzzy -#| msgid "These options can be used to configure any service." +#: sssd.conf.5.xml:668 msgid "These options can be used to configure the autofs service." -msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб." +msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -#, fuzzy -#| msgid "entry_negative_timeout (integer)" +#: sssd.conf.5.xml:676 msgid "autofs_negative_timeout (integer)" -msgstr "entry_negative_timeout (ціле число)" +msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -#, fuzzy -#| msgid "" -#| "Specifies for how many seconds nss_sss should cache negative cache hits " -#| "(that is, queries for invalid database entries, like nonexistent ones) " -#| "before asking the back end again." -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " +#: sssd.conf.5.xml:679 +msgid "" +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -"Визначає кількість секунд, протягом яких nss_sss має кешувати негативні " -"результати пошуку у кеші (тобто запити щодо некоректних записів у базі " -"даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." +"Визначає кількість секунд, протягом яких відповідач autofs має кешувати " +"негативні результати пошуку у кеші (тобто запити щодо некоректних записів у " +"базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:696 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:703 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:706 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1200,7 +1212,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 +#: sssd.conf.5.xml:711 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1213,17 +1225,17 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#: sssd.conf.5.xml:718 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 +#: sssd.conf.5.xml:724 msgid "timeout (integer)" msgstr "timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 +#: sssd.conf.5.xml:727 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." @@ -1232,17 +1244,17 @@ msgstr "" "забезпечення роботи процесу основного модуля, який має відповідати на запити." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 +#: sssd.conf.5.xml:732 sssd-ldap.5.xml:1131 msgid "Default: 10" msgstr "Типове значення: 10" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:738 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:741 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1251,22 +1263,22 @@ msgstr "" "значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:745 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:748 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:856 sssd.conf.5.xml:910 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:754 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1281,7 +1293,7 @@ msgstr "" "системи виконанням нумерації." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 +#: sssd.conf.5.xml:764 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1291,7 +1303,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 +#: sssd.conf.5.xml:769 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1305,12 +1317,12 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 +#: sssd.conf.5.xml:780 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 +#: sssd.conf.5.xml:783 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1319,124 +1331,98 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:787 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:793 msgid "entry_cache_user_timeout (integer)" -msgstr "entry_cache_timeout (ціле число)" +msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:796 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" -"Кількість секунд, протягом яких nss_sss вважатиме записи чинними, перш ніж " -"надсилати повторний запит до сервера" +"Кількість секунд, протягом яких nss_sss вважатиме записи користувачів " +"чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:800 sssd.conf.5.xml:813 sssd.conf.5.xml:826 +#: sssd.conf.5.xml:839 msgid "Default: entry_cache_timeout" -msgstr "entry_cache_timeout (ціле число)" +msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:806 msgid "entry_cache_group_timeout (integer)" -msgstr "entry_cache_timeout (ціле число)" +msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:809 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" -"Кількість секунд, протягом яких nss_sss вважатиме записи чинними, перш ніж " -"надсилати повторний запит до сервера" +"Кількість секунд, протягом яких nss_sss вважатиме записи груп чинними, перш " +"ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:819 msgid "entry_cache_netgroup_timeout (integer)" -msgstr "entry_cache_timeout (ціле число)" +msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:822 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" -"Кількість секунд, протягом яких nss_sss вважатиме записи чинними, перш ніж " -"надсилати повторний запит до сервера" +"Кількість секунд, протягом яких nss_sss вважатиме записи мережевих груп " +"чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -#, fuzzy -#| msgid "entry_cache_timeout (integer)" +#: sssd.conf.5.xml:832 msgid "entry_cache_service_timeout (integer)" -msgstr "entry_cache_timeout (ціле число)" +msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -#, fuzzy -#| msgid "" -#| "How many seconds should nss_sss consider entries valid before asking the " -#| "backend again" +#: sssd.conf.5.xml:835 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" -"Кількість секунд, протягом яких nss_sss вважатиме записи чинними, перш ніж " -"надсилати повторний запит до сервера" +"Кількість секунд, протягом яких nss_sss вважатиме записи служб чинними, перш " +"ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 +#: sssd.conf.5.xml:845 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#: sssd.conf.5.xml:848 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Визначає, чи слід також кешувати реєстраційні дані користувача у локальному " "кеші LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:852 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у " "форматі звичайного тексту" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 +#: sssd.conf.5.xml:861 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 +#: sssd.conf.5.xml:864 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1449,47 +1435,47 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:871 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:877 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:880 msgid "The Data Provider identity backend to use for this domain." msgstr "Модуль надання даних щодо профілів користувачів для цього домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 +#: sssd.conf.5.xml:884 msgid "Supported backends:" msgstr "Підтримувані модулі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:887 msgid "proxy: Support a legacy NSS provider" msgstr "proxy: підтримка застарілого модуля надання даних NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:890 msgid "local: SSSD internal local provider" msgstr "local: вбудований модуль надання локальних даних SSSD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 +#: sssd.conf.5.xml:893 msgid "ldap: LDAP provider" msgstr "ldap: модуль надання даних LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:899 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:902 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1502,12 +1488,12 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 +#: sssd.conf.5.xml:915 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 +#: sssd.conf.5.xml:918 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1516,7 +1502,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:922 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1528,7 +1514,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:929 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1540,18 +1526,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:936 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:939 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 +#: sssd.conf.5.xml:942 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -1560,12 +1546,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:948 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 +#: sssd.conf.5.xml:951 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1576,17 +1562,17 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:957 msgid "<quote>permit</quote> always allow access." msgstr "<quote>permit</quote> — завжди дозволяти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 +#: sssd.conf.5.xml:960 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 +#: sssd.conf.5.xml:963 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1599,17 +1585,17 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:970 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 +#: sssd.conf.5.xml:975 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 +#: sssd.conf.5.xml:978 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1618,7 +1604,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 +#: sssd.conf.5.xml:983 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1630,7 +1616,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 +#: sssd.conf.5.xml:991 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1642,7 +1628,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1654,18 +1640,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 +#: sssd.conf.5.xml:1007 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 +#: sssd.conf.5.xml:1011 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 +#: sssd.conf.5.xml:1014 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -1674,122 +1660,90 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -#, fuzzy -#| msgid "id_provider (string)" +#: sssd.conf.5.xml:1021 msgid "sudo_provider (string)" -msgstr "id_provider (рядок)" +msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -#, fuzzy -#| msgid "" -#| "The authentication provider used for the domain. Supported auth " -#| "providers are:" +#: sssd.conf.5.xml:1027 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" -"Служба розпізнавання, яку використано для цього домену. Серед підтримуваних " -"служб розпізнавання:" +"Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " +"SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote> to change a password stored in a LDAP server. See " -#| "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:1031 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" -"<quote>ldap</quote> — змінити пароль, що зберігається на сервері LDAP. " -"Докладніші відомості щодо налаштування LDAP викладено у довіднику з " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>." +"<quote>ldap</quote> для правил, що зберігаються у LDAP. Докладніше про " +"налаштовування LDAP можна дізнатися з довідки до <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -#, fuzzy -#| msgid "<quote>none</quote> disables authentication explicitly." +#: sssd.conf.5.xml:1038 msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." +msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -#, fuzzy -#| msgid "" -#| "Default: <quote>id_provider</quote> is used if it is set and can handle " -#| "authentication requests." +#: sssd.conf.5.xml:1041 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" -"Типове значення: буде використано <quote>id_provider</quote>, якщо цей " -"спосіб встановлено і можлива обробка запитів щодо розпізнавання." +"Типове значення: використовується значення <quote>id_provider</quote>, якщо " +"його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -#, fuzzy -#| msgid "access_provider (string)" +#: sssd.conf.5.xml:1047 msgid "session_provider (string)" -msgstr "access_provider (рядок)" +msgstr "session_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -#, fuzzy -#| msgid "" -#| "The provider which should handle change password operations for the " -#| "domain. Supported change password providers are:" +#: sssd.conf.5.xml:1050 msgid "" "The provider which should handle loading of session settings. Supported " "session providers are:" msgstr "" -"Система, яка має обробляти дії зі зміни паролів для домену. Передбачено " -"підтримку таких систем зміни паролів:" +"Служба, яка має обробляти завантаження параметрів сеансу. Серед " +"підтримуваних служб сеансів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -#, fuzzy -#| msgid "" -#| "<quote>ipa</quote> to change a password stored in an IPA server. See " -#| "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> for more information on configuring IPA." +#: sssd.conf.5.xml:1055 msgid "" "<quote>ipa</quote> to load session settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" -"<quote>ipa</quote> — змінити пароль, що зберігається на сервері IPA. " +"<quote>ipa</quote> для завантаження параметрів сеансів з сервера IPA. " "Докладніші відомості щодо налаштування IPA викладено у довіднику з " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum></" +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -#, fuzzy -#| msgid "<quote>none</quote> disallows password changes explicitly." +#: sssd.conf.5.xml:1063 msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." +msgstr "" +"<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " +"сеансу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -#, fuzzy -#| msgid "" -#| "Default: <quote>id_provider</quote> is used if it is set and can handle " -#| "authentication requests." +#: sssd.conf.5.xml:1066 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "session loading requests." msgstr "" "Типове значення: буде використано <quote>id_provider</quote>, якщо цей " -"спосіб встановлено і можлива обробка запитів щодо розпізнавання." +"спосіб встановлено і можлива обробка запитів щодо завантаження сеансу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1073 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 +#: sssd.conf.5.xml:1076 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -1798,48 +1752,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 +#: sssd.conf.5.xml:1080 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1083 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1086 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1089 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1092 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 +#: sssd.conf.5.xml:1101 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1850,12 +1804,12 @@ msgstr "" "очікування буде перевищено, домен продовжуватиме роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1116 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -1864,28 +1818,28 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1123 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 +#: sssd.conf.5.xml:1129 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 +#: sssd.conf.5.xml:1132 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 +#: sssd.conf.5.xml:1138 msgid "case_sensitive (boolean)" msgstr "case_sensitive (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1141 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." @@ -1894,12 +1848,12 @@ msgstr "" "версії підтримку передбачено лише для локальних надавачів даних." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "Default: True" msgstr "Типове значення: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:698 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -1910,17 +1864,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1158 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1161 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1164 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -1929,12 +1883,12 @@ msgstr "" "налаштуваннями pam або створити нові і тут додати назву служби." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 +#: sssd.conf.5.xml:1172 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1175 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1945,7 +1899,7 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1154 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -1954,12 +1908,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 +#: sssd.conf.5.xml:1187 msgid "The local domain section" msgstr "Розділ локального домену" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 +#: sssd.conf.5.xml:1189 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1970,29 +1924,29 @@ msgstr "" "використовує <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 +#: sssd.conf.5.xml:1196 msgid "default_shell (string)" msgstr "default_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 +#: sssd.conf.5.xml:1199 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Типова оболонка для записів користувачів, створених за допомогою " "інструментів простору користувачів SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 +#: sssd.conf.5.xml:1203 msgid "Default: <filename>/bin/bash</filename>" msgstr "Типове значення: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1208 msgid "base_directory (string)" msgstr "base_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 +#: sssd.conf.5.xml:1211 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2001,17 +1955,17 @@ msgstr "" "replaceable> і використовують отриману адресу як адресу домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 +#: sssd.conf.5.xml:1216 msgid "Default: <filename>/home</filename>" msgstr "Типове значення: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 +#: sssd.conf.5.xml:1221 msgid "create_homedir (bool)" msgstr "create_homedir (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 +#: sssd.conf.5.xml:1224 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2020,17 +1974,17 @@ msgstr "" "Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 +#: sssd.conf.5.xml:1228 sssd.conf.5.xml:1240 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 +#: sssd.conf.5.xml:1233 msgid "remove_homedir (bool)" msgstr "remove_homedir (булівське значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 +#: sssd.conf.5.xml:1236 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2039,12 +1993,12 @@ msgstr "" "користувачів. Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 +#: sssd.conf.5.xml:1245 msgid "homedir_umask (integer)" msgstr "homedir_umask (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 +#: sssd.conf.5.xml:1248 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2055,17 +2009,17 @@ msgstr "" "до щойно створеного домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "Default: 077" msgstr "Типове значення: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 +#: sssd.conf.5.xml:1261 msgid "skel_dir (string)" msgstr "skel_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1264 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2078,17 +2032,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 +#: sssd.conf.5.xml:1274 msgid "Default: <filename>/etc/skel</filename>" msgstr "Типове значення: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 +#: sssd.conf.5.xml:1279 msgid "mail_dir (string)" msgstr "mail_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 +#: sssd.conf.5.xml:1282 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2099,17 +2053,17 @@ msgstr "" "каталог не вказано, буде використано типове значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1289 msgid "Default: <filename>/var/mail</filename>" msgstr "Типове значення: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1294 msgid "userdel_cmd (string)" msgstr "userdel_cmd (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1297 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2120,18 +2074,18 @@ msgstr "" "вилучається. Код виконання, повернутий програмою не обробляється." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 +#: sssd.conf.5.xml:1303 msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 +#: sssd.conf.5.xml:1313 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 #: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 +#: sssd.conf.5.xml:1319 #, no-wrap msgid "" "[sssd]\n" @@ -2185,7 +2139,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2197,7 +2151,7 @@ msgstr "" "щодо налаштування доменів. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1350 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" @@ -2989,19 +2943,13 @@ msgstr "Типове значення: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:582 -#, fuzzy -#| msgid "ldap_user_shell (string)" msgid "ldap_user_ssh_public_key (string)" -msgstr "ldap_user_shell (рядок)" +msgstr "ldap_user_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:585 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains the path to the user's default shell." msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" -"Атрибут LDAP, що містить шлях до типової командної оболонки користувача." +msgstr "Атрибут LDAP, який містить відкриті ключі SSH користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:592 @@ -3029,16 +2977,12 @@ msgstr "ldap_enumeration_refresh_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:611 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains how many seconds SSSD has to wait before " -#| "refreshing its cache of enumerated records." msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" -"Атрибут LDAP, що містить дані щодо кількості секунд, протягом яких SSSD має " -"очікувати до оновлення свого кешу нумерованих записів." +"Визначає кількість секунд, протягом яких SSSD має очікувати до оновлення " +"свого кешу нумерованих записів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 @@ -3047,10 +2991,8 @@ msgstr "Типове значення: 300" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:622 -#, fuzzy -#| msgid "ldap_search_timeout (integer)" msgid "ldap_purge_cache_timeout (integer)" -msgstr "ldap_search_timeout (ціле число)" +msgstr "ldap_purge_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:625 @@ -3354,103 +3296,73 @@ msgstr "ldap_netgroup_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:900 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_service_object_class (string)" -msgstr "ldap_user_object_class (рядок)" +msgstr "ldap_service_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:903 -#, fuzzy -#| msgid "The object class of a user entry in LDAP." msgid "The object class of a service entry in LDAP." -msgstr "Клас об’єктів запису користувача у LDAP." +msgstr "Клас об’єктів запису служби у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:906 -#, fuzzy -#| msgid "Default: authorizedService" msgid "Default: ipService" -msgstr "Типове значення: authorizedService" +msgstr "Типове значення: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:912 -#, fuzzy -#| msgid "ldap_dns_service_name (string)" msgid "ldap_service_name (string)" -msgstr "ldap_dns_service_name (рядок)" +msgstr "ldap_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:915 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains the name of the user's home directory." msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." -msgstr "Атрибут LDAP, що містить назву домашнього каталогу користувача." +msgstr "" +"Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:925 -#, fuzzy -#| msgid "ldap_tls_cert (string)" msgid "ldap_service_port (string)" -msgstr "ldap_tls_cert (рядок)" +msgstr "ldap_service_port (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:928 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains the name of the user's home directory." msgid "The LDAP attribute that contains the port managed by this service." -msgstr "Атрибут LDAP, що містить назву домашнього каталогу користувача." +msgstr "Атрибут LDAP, що містить номер порту, яким керує ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:932 -#, fuzzy -#| msgid "Default: ipv4_first" msgid "Default: ipServicePort" -msgstr "Типове значення: ipv4_first" +msgstr "Типове значення: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:938 -#, fuzzy -#| msgid "ldap_tls_cert (string)" msgid "ldap_service_proto (string)" -msgstr "ldap_tls_cert (рядок)" +msgstr "ldap_service_proto (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:941 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains the path to the user's default shell." msgid "" "The LDAP attribute that contains the protocols understood by this service." -msgstr "" -"Атрибут LDAP, що містить шлях до типової командної оболонки користувача." +msgstr "Атрибут LDAP, що містить протоколи, за яким може працювати ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:945 -#, fuzzy -#| msgid "Default: ipv4_first" msgid "Default: ipServiceProtocol" -msgstr "Типове значення: ipv4_first" +msgstr "Типове значення: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:951 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_service_search_base (string)" -msgstr "ldap_user_search_base (рядок)" +msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:954 -#, fuzzy -#| msgid "An optional base DN to restrict user searches to a specific subtree." msgid "An optional base DN to restrict service searches to a specific subtree." msgstr "" -"Додатковий основний DN для обмеження пошуків користувачів певною гілкою " -"ієрархії." +"Додатковий основний DN для обмеження пошуків служб певною гілкою ієрархії." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 @@ -3609,7 +3521,7 @@ msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1079 msgid "ldap_disable_paging" -msgstr "" +msgstr "ldap_disable_paging" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1082 @@ -3618,6 +3530,9 @@ msgid "" "server reports that it supports the LDAP paging control in its RootDSE but " "it is not enabled or does not behave properly." msgstr "" +"Вимикає контроль сторінок LDAP. Цим параметром слід скористатися, якщо " +"сервер LDAP повідомляє про підтримку контролю сторінок LDAP у своєму " +"RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1088 @@ -3625,6 +3540,9 @@ msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" +"Приклад: сервери OpenLDAP з модулем контролю сторінок, встановленим на " +"сервері, але не увімкненим, повідомляють про підтримку у RootDSE, але цією " +"підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1094 @@ -3633,6 +3551,9 @@ msgid "" "a time on a single connection. On busy clients, this can result in some " "requests being denied." msgstr "" +"Приклад: 389 DS має ваду, пов’язану з тим, що здатен підтримувати лише один " +"процес контролю сторінок для одного з’єднання. У разі значного навантаження " +"це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1103 @@ -4060,22 +3981,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1416 -#, fuzzy -#| msgid "" -#| "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -#| "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes " -#| "to evaluate if the password has expired. Note that the current version " -#| "of sssd cannot update this attribute during a password change." msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " "evaluate if the password has expired." msgstr "" -"<emphasis>shadow</emphasis> — використовувати атрибути у форматі " +"<emphasis>shadow</emphasis> — використовувати атрибути у стилі " "<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> для визначення завершення строку дії пароля. " -"Зауважте, що у поточній версії sssd не передбачено можливості оновлення " -"цього атрибута під час зміни пароля." +"manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1422 @@ -4411,253 +4324,194 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1639 -#, fuzzy -#| msgid "OPTIONS" msgid "SUDO OPTIONS" -msgstr "ПАРАМЕТРИ" +msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1644 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_sudorule_object_class (string)" -msgstr "ldap_user_object_class (рядок)" +msgstr "ldap_sudorule_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1647 -#, fuzzy -#| msgid "The object class of a user entry in LDAP." msgid "The object class of a sudo rule entry in LDAP." -msgstr "Клас об’єктів запису користувача у LDAP." +msgstr "Клас об’єктів запису правила sudo у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1650 -#, fuzzy -#| msgid "Default: uid" msgid "Default: sudoRole" -msgstr "Типове значення: uid" +msgstr "Типове значення: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1656 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_name (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ldap_sudorule_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1659 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the group name." msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "Атрибут LDAP, що відповідає назві групи." +msgstr "Атрибут LDAP, що відповідає назві правила sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1669 -#, fuzzy -#| msgid "ldap_schema (string)" msgid "ldap_sudorule_command (string)" -msgstr "ldap_schema (рядок)" +msgstr "ldap_sudorule_command (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1672 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the group name." msgid "The LDAP attribute that corresponds to the command name." -msgstr "Атрибут LDAP, що відповідає назві групи." +msgstr "Атрибут LDAP, що відповідає назві команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1676 -#, fuzzy -#| msgid "Default: uid" msgid "Default: sudoCommand" -msgstr "Типове значення: uid" +msgstr "Типове значення: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1682 -#, fuzzy -#| msgid "ldap_user_authorized_host (string)" msgid "ldap_sudorule_host (string)" -msgstr "ldap_user_authorized_host (рядок)" +msgstr "ldap_sudorule_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1685 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" -msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." +msgstr "" +"Атрибут LDAP, який відповідає назві вузла (або IP-адресі вузла, IP-мережі " +"вузла, мережевій групі вузла)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1690 -#, fuzzy -#| msgid "Default: root" msgid "Default: sudoHost" -msgstr "Типове значення: root" +msgstr "Типове значення: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1696 -#, fuzzy -#| msgid "ldap_user_uid_number (string)" msgid "ldap_sudorule_user (string)" -msgstr "ldap_user_uid_number (рядок)" +msgstr "ldap_sudorule_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1699 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the netgroup name." msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" -msgstr "Атрибут LDAP, що відповідає назві мережевої групи (netgroup)." +msgstr "" +"Атрибут LDAP, що відповідає назві імені користувача (або UID, назві групи " +"або назві мережевої групи користувача)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1703 -#, fuzzy -#| msgid "Default: uid" msgid "Default: sudoUser" -msgstr "Типове значення: uid" +msgstr "Типове значення: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1709 -#, fuzzy -#| msgid "ldap_uri (string)" msgid "ldap_sudorule_option (string)" -msgstr "ldap_uri (рядок)" +msgstr "ldap_sudorule_option (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1712 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "Атрибут LDAP, що відповідає ідентифікатору користувача." +msgstr "Атрибут LDAP, що відповідає параметрам sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1716 -#, fuzzy -#| msgid "Default: shadowMin" msgid "Default: sudoOption" -msgstr "Типове значення: shadowMin" +msgstr "Типове значення: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1722 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_runasuser (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ldap_sudorule_runasuser (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1725 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." -msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." +msgstr "" +"Атрибут LDAP, що відповідає користувачеві, від імені якого можна виконувати " +"команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1729 -#, fuzzy -#| msgid "Default: uidNumber" msgid "Default: sudoRunAsUser" -msgstr "Типове значення: uidNumber" +msgstr "Типове значення: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1735 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_runasgroup (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ldap_sudorule_runasgroup (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1738 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the group name." msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." -msgstr "Атрибут LDAP, що відповідає назві групи." +msgstr "" +"Атрибут LDAP, що відповідає назві групи або GID, від імені якої можна " +"виконувати команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1742 -#, fuzzy -#| msgid "Default: posixGroup" msgid "Default: sudoRunAsGroup" -msgstr "Типове значення: posixGroup" +msgstr "Типове значення: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1748 -#, fuzzy -#| msgid "ldap_user_uid_number (string)" msgid "ldap_sudorule_notbefore (string)" -msgstr "ldap_user_uid_number (рядок)" +msgstr "ldap_sudorule_notbefore (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1751 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." -msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." +msgstr "" +"Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1755 -#, fuzzy -#| msgid "Default: uidNumber" msgid "Default: sudoNotBefore" -msgstr "Типове значення: uidNumber" +msgstr "Типове значення: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1761 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_sudorule_notafter (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ldap_sudorule_notafter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1764 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's primary group id." msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." -msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." +msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1769 -#, fuzzy -#| msgid "Default: filter" msgid "Default: sudoNotAfter" -msgstr "Типове значення: filter" +msgstr "Типове значення: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1775 -#, fuzzy -#| msgid "ldap_access_order (string)" msgid "ldap_sudorule_order (string)" -msgstr "ldap_access_order (рядок)" +msgstr "ldap_sudorule_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1778 -#, fuzzy -#| msgid "The LDAP attribute that corresponds to the user's id." msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "Атрибут LDAP, що відповідає ідентифікатору користувача." +msgstr "Атрибут LDAP, що відповідає порядковому номеру правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1782 -#, fuzzy -#| msgid "Default: password" msgid "Default: sudoOrder" -msgstr "Типове значення: password" +msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1788 -#, fuzzy -#| msgid "ldap_referrals (boolean)" msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "ldap_referrals (булеве значення)" +msgstr "ldap_sudo_refresh_enabled (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1791 @@ -4665,57 +4519,44 @@ msgid "" "Enables periodical download of all sudo rules. The cache is purged before " "each update." msgstr "" +"Вмикає періодичне звантаження всіх правил sudo. Перед кожним оновленням дані " +"з кешу вилучаються." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1801 -#, fuzzy -#| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "ldap_enumeration_refresh_timeout (ціле число)" +msgstr "ldap_sudo_refresh_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1804 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains how many seconds SSSD has to wait before " -#| "refreshing its cache of enumerated records." msgid "" "How many seconds SSSD has to wait before refreshing its cache of sudo rules." msgstr "" -"Атрибут LDAP, що містить дані щодо кількості секунд, протягом яких SSSD має " -"очікувати до оновлення свого кешу нумерованих записів." +"Визначає кількість секунд, протягом яких SSSD має очікувати до оновлення " +"свого кешу правил sudo." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1642 -#, fuzzy -#| msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1815 -#, fuzzy -#| msgid "" -#| "Specifies acceptable cipher suites. Typically this is a colon sperated " -#| "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -#| "<manvolnum>5</manvolnum></citerefentry> for format." msgid "" "This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " +"explanation of sudo related attribute semantics, see <citerefentry> " "<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" "citerefentry>" msgstr "" -"Визначає прийнятні комплекти програм для шифрування. Записи у типовому " -"списку слід відокремлювати комами. З форматом можна ознайомитися на сторінці " -"довідника до <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry>." +"На цій сторінці довідника наведено дані щодо відповідності назв атрибутів. " +"Докладний опис семантики атрибутів, пов’язаних з sudo, можна знайти у " +"довідці з <citerefentry> <refentrytitle>sudoers.ldap</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1825 -#, fuzzy -#| msgid "OPTIONS" msgid "AUTOFS OPTIONS" -msgstr "ПАРАМЕТРИ" +msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1827 @@ -4723,62 +4564,48 @@ msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" +"Будь ласка, зауважте, що типові значення відповідають типовій схемі, яку " +"визначено у RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1834 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_autofs_map_object_class (string)" -msgstr "ldap_user_object_class (рядок)" +msgstr "ldap_autofs_map_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -#, fuzzy -#| msgid "The object class of a group entry in LDAP." msgid "The object class of an automount map entry in LDAP." -msgstr "Клас об’єктів запису групи у LDAP." +msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -#, fuzzy -#| msgid "Default: root" msgid "Default: automountMap" -msgstr "Типове значення: root" +msgstr "Типове значення: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1847 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_autofs_map_name (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ldap_autofs_map_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1850 -#, fuzzy -#| msgid "The object class of a group entry in LDAP." msgid "The name of an automount map entry in LDAP." -msgstr "Клас об’єктів запису групи у LDAP." +msgstr "Назва запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1853 -#, fuzzy -#| msgid "Default: uid" msgid "Default: ou" -msgstr "Типове значення: uid" +msgstr "Типове значення: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1860 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ldap_autofs_entry_object_class (string)" -msgstr "ldap_user_object_class (рядок)" +msgstr "ldap_autofs_entry_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1874 -#, fuzzy -#| msgid "ldap_tls_key (string)" msgid "ldap_autofs_entry_key (string)" -msgstr "ldap_tls_key (рядок)" +msgstr "ldap_autofs_entry_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 @@ -4786,20 +4613,18 @@ msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" +"Ключ запису автоматичного монтування LDAP. Цей запис зазвичай відповідає " +"точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1888 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ldap_autofs_entry_value (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ldap_autofs_entry_value (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1895 -#, fuzzy -#| msgid "Default: shadowInactive" msgid "Default: automountInformation" -msgstr "Типове значення: shadowInactive" +msgstr "Типове значення: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1832 @@ -4809,6 +4634,10 @@ msgid "" "<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" "\"variablelist\" id=\"4\"/>" msgstr "" +"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" +"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " +"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" +"\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:1904 @@ -4918,37 +4747,29 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2012 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_sudo_search_base (string)" -msgstr "ldap_search_base (рядок)" +msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2015 -#, fuzzy -#| msgid "An optional base DN to restrict user searches to a specific subtree." msgid "" "An optional base DN to restrict sudo rules searches to a specific subtree." msgstr "" -"Додатковий основний DN для обмеження пошуків користувачів певною гілкою " +"Додатковий основний DN для обмеження пошуків правил sudo певною гілкою " "ієрархії." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:2034 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_autofs_search_base (string)" -msgstr "ldap_user_search_base (рядок)" +msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:2037 -#, fuzzy -#| msgid "An optional base DN to restrict user searches to a specific subtree." msgid "" "An optional base DN to restrict automounter searches to a specific subtree." msgstr "" -"Додатковий основний DN для обмеження пошуків користувачів певною гілкою " -"ієрархії." +"Додатковий основний DN для обмеження пошуків засобу автоматичного монтування " +"певною гілкою ієрархії." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:1906 @@ -5634,6 +5455,9 @@ msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" +"ЗАУВАЖЕННЯ: на застарілих системах (зокрема RHEL 5) для надійної роботи у " +"цьому режимі типову область дії Kerberos має бути належним чином визначено " +"у /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:129 @@ -5674,20 +5498,14 @@ msgstr "Типове значення: використання базової #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:156 -#, fuzzy -#| msgid "ipa_hbac_search_base (string)" msgid "ipa_host_search_base (string)" -msgstr "ipa_hbac_search_base (рядок)" +msgstr "ipa_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:159 -#, fuzzy -#| msgid "" -#| "Optional. Use the given string as search base for HBAC related objects." msgid "Optional. Use the given string as search base for host objects." msgstr "" -"Необов’язковий. Використати вказаний рядок як основу пошуку пов’язаних з " -"HBAC об’єктів." +"Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:168 @@ -5696,23 +5514,21 @@ msgid "" "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " "will be ignored." msgstr "" +"Якщо вказано фільтрування за довільною базою пошуку і встановлено значення " +"False для <emphasis>ipa_hbac_support_srchost</emphasis>, фільтр буде " +"проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:180 -#, fuzzy -#| msgid "ipa_hbac_search_base (string)" msgid "ipa_selinux_search_base (string)" -msgstr "ipa_hbac_search_base (рядок)" +msgstr "ipa_selinux_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:183 -#, fuzzy -#| msgid "" -#| "Optional. Use the given string as search base for HBAC related objects." msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" -"Необов’язковий. Використати вказаний рядок як основу пошуку пов’язаних з " -"HBAC об’єктів." +"Необов’язковий. Використати вказаний рядок як основу пошуку карт " +"користувачів SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 @@ -5849,23 +5665,25 @@ msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" +"Зауважте, що якщо встановлено значення <emphasis>False</emphasis>, фільтри, " +"вказані за допомогою параметра <emphasis>ipa_host_search_base</emphasis>, " +"буде проігноровано;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:307 -#, fuzzy -#| msgid "ipa_domain (string)" msgid "ipa_automount_location (string)" -msgstr "ipa_domain (рядок)" +msgstr "ipa_automount_location (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:310 msgid "The automounter location this IPA client will be using" msgstr "" +"Адреса автоматичного монтування, яку буде використовувати цей клієнт IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:313 msgid "Default: The location named \"default\"" -msgstr "" +msgstr "Типове значення: адреса з назвою \"default\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:319 @@ -5982,213 +5800,158 @@ msgstr "Типове значення: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:404 -#, fuzzy -#| msgid "ldap_user_object_class (string)" msgid "ipa_selinux_usermap_object_class (string)" -msgstr "ldap_user_object_class (рядок)" +msgstr "ipa_selinux_usermap_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:415 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ipa_selinux_usermap_name (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ipa_selinux_usermap_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:418 -#, fuzzy -#| msgid "The LDAP attribute that contains the names of the group's members." msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "Атрибут LDAP, у якому містяться імена учасників групи." +msgstr "Атрибут LDAP, що містить назву карти користувачів SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:427 -#, fuzzy -#| msgid "ipa_netgroup_member_user (string)" msgid "ipa_selinux_usermap_member_user (string)" -msgstr "ipa_netgroup_member_user (рядок)" +msgstr "ipa_selinux_usermap_member_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:430 -#, fuzzy -#| msgid "The LDAP attribute that contains FQDN of the host." msgid "" "The LDAP attribute that contains all users / groups this rule match against." -msgstr "Атрибут LDAP, що містить FQDN вузла." +msgstr "" +"Атрибут LDAP, що містить список всіх користувачів і груп, яких стосується це " +"правило." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:439 -#, fuzzy -#| msgid "ipa_netgroup_member_host (string)" msgid "ipa_selinux_usermap_member_host (string)" -msgstr "ipa_netgroup_member_host (рядок)" +msgstr "ipa_selinux_usermap_member_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:442 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains the (host, user, domain) netgroup " -#| "triples." msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -"Атрибут LDAP, що містить трійки мережевої групи (вузол, користувач, домен)." +"Атрибут LDAP, що містить список всіх вузлів і груп вузлів, яких стосується " +"це правило." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:451 -#, fuzzy -#| msgid "ipa_netgroup_member_of (string)" msgid "ipa_selinux_usermap_see_also (string)" -msgstr "ipa_netgroup_member_of (рядок)" +msgstr "ipa_selinux_usermap_see_also (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:454 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains the names of the netgroup's members." msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" -"Атрибут LDAP, у якому містяться імена учасників мережевої групи (netgroup)." +"Атрибут LDAP, що містить назву домену правила HBAC, яким можна користуватися " +"для встановлення відповідності замість memberUser і memberHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:459 -#, fuzzy -#| msgid "Default: false" msgid "Default: seeAlso" -msgstr "Типове значення: false" +msgstr "Типове значення: seeAlso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:464 -#, fuzzy -#| msgid "ipa_netgroup_member_user (string)" msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "ipa_netgroup_member_user (рядок)" +msgstr "ipa_selinux_usermap_selinux_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:467 -#, fuzzy -#| msgid "The LDAP attribute that contains FQDN of the host." msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "Атрибут LDAP, що містить FQDN вузла." +msgstr "Атрибут LDAP, який містить сам рядок користувача SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:471 -#, fuzzy -#| msgid "Default: ipaHost" msgid "Default: ipaSELinuxUser" -msgstr "Типове значення: ipaHost" +msgstr "Типове значення: ipaSELinuxUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:476 -#, fuzzy -#| msgid "ldap_user_name (string)" msgid "ipa_selinux_usermap_enabled (string)" -msgstr "ldap_user_name (рядок)" +msgstr "ipa_selinux_usermap_enabled (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:479 -#, fuzzy -#| msgid "" -#| "The LDAP attribute that contains the path to the user's default shell." msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -"Атрибут LDAP, що містить шлях до типової командної оболонки користувача." +"Атрибут LDAP, що містить дані щодо того, чи можна користуватися картою " +"користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:483 -#, fuzzy -#| msgid "Default: loginDisabled" msgid "Default: ipaEnabledFlag" -msgstr "Типове значення: loginDisabled" +msgstr "Типове значення: ipaEnabledFlag" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:488 -#, fuzzy -#| msgid "ldap_user_search_filter (string)" msgid "ipa_selinux_usermap_user_category (string)" -msgstr "ldap_user_search_filter (рядок)" +msgstr "ipa_selinux_usermap_user_category (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:491 -#, fuzzy -#| msgid "The LDAP attribute that contains FQDN of the host." msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "Атрибут LDAP, що містить FQDN вузла." +msgstr "Атрибут LDAP, що містить категорію користувачів, зокрема 'all'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:495 -#, fuzzy -#| msgid "Default: homeDirectory" msgid "Default: userCategory" -msgstr "Типове значення: homeDirectory" +msgstr "Типове значення: userCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:500 -#, fuzzy -#| msgid "ldap_user_home_directory (string)" msgid "ipa_selinux_usermap_host_category (string)" -msgstr "ldap_user_home_directory (рядок)" +msgstr "ipa_selinux_usermap_host_category (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:503 -#, fuzzy -#| msgid "The LDAP attribute that contains FQDN of the host." msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "Атрибут LDAP, що містить FQDN вузла." +msgstr "Атрибут LDAP, що містить категорію вузлів, зокрема 'all'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:507 -#, fuzzy -#| msgid "Default: host" msgid "Default: hostCategory" -msgstr "Типове значення: host" +msgstr "Типове значення: hostCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:512 -#, fuzzy -#| msgid "ldap_user_uuid (string)" msgid "ipa_selinux_usermap_uuid (string)" -msgstr "ldap_user_uuid (рядок)" +msgstr "ipa_selinux_usermap_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:515 -#, fuzzy -#| msgid "The LDAP attribute that contains FQDN of the host." msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "Атрибут LDAP, що містить FQDN вузла." +msgstr "Атрибут LDAP, що містить унікальний ідентифікатор карти користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:519 -#, fuzzy -#| msgid "Default: nsUniqueId" msgid "Default: ipaUniqueID" -msgstr "Типове значення: nsUniqueId" +msgstr "Типове значення: ipaUniqueID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:524 -#, fuzzy -#| msgid "ipa_hostname (string)" msgid "ipa_host_ssh_public_key (string)" -msgstr "ipa_hostname (рядок)" +msgstr "ipa_host_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:527 -#, fuzzy -#| msgid "The LDAP attribute that contains FQDN of the host." msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "Атрибут LDAP, що містить FQDN вузла." +msgstr "Атрибут LDAP, який містить відкриті ключі SSH вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:531 -#, fuzzy -#| msgid "Default: ipaHost" msgid "Default: ipaSshPubKey" -msgstr "Типове значення: ipaHost" +msgstr "Типове значення: ipaSshPubKey" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:546 @@ -6362,12 +6125,12 @@ msgid "Run in the foreground, don't become a daemon." msgstr "Запустити програму у звичайному режимі, не створювати фонової служби." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 msgid "<option>-c</option>,<option>--config</option>" msgstr "<option>-c</option>,<option>--config</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 msgid "" "Specify a non-default config file. The default is <filename>/etc/sssd/sssd." "conf</filename>. For reference on the config file syntax and options, " @@ -6559,7 +6322,8 @@ msgstr "" "Пароль для заплутування буде прочитано зі стандартного джерела вхідних даних." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:82 +#: sss_ssh_knownhostsproxy.1.xml:81 msgid "" "<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" "replaceable>" @@ -7409,8 +7173,8 @@ msgid "" "not given, it is chosen automatically." msgstr "" "Встановити для параметра ідентифікатора групи (GID) значення " -"<replaceable>GID</replaceable> </replaceable>. Якщо таке значення не буде " -"вказано, програма вибере його автоматично." +"<replaceable>GID</replaceable>. Якщо таке значення не буде вказано, програма " +"вибере його автоматично." #. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:60 @@ -7780,6 +7544,413 @@ msgstr "" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "sss_cache" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "виконати спорожнення кешу" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>параметри</" +"replaceable> </arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" +"<command>sss_cache</command> скасовує визначення записів у кеші SSSD. Дані " +"записів зі скасованими визначеннями буде перезавантажено з сервера у " +"примусовому порядку, щойно відповідний модуль SSSD отримає до них доступ." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" +"<option>-u</option>,<option>--user</option> <replaceable>реєстраційні дані</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "Скасувати визначення вказаного користувача." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "<option>-U</option>,<option>--users</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" +"Скасувати визначення всіх записів. Цей параметр має вищий пріоритет за " +"параметр скасування визначення для будь-якого користувача, якщо такий " +"параметр вказано." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" +"<option>-g</option>,<option>--group</option> <replaceable>група</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "Скасувати визначення вказаної групи." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "<option>-G</option>,<option>--groups</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" +"Скасувати визначення записів для всіх груп. Цей параметр має вищий пріоритет " +"за параметр скасування визначення для будь-якої групи, якщо такий параметр " +"вказано." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>мережева група</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "Скасувати визначення вказаної мережевої групи." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "<option>-N</option>,<option>--netgroups</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" +"Скасувати визначення всіх записів мережевих груп. Цей параметр має вищий " +"пріоритет за параметр скасування визначення для будь-якої мережевої групи, " +"якщо такий параметр вказано." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" +"<option>-d</option>,<option>--domain</option> <replaceable>домен</" +"replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Restrict invalidation process only to a particular domain." +msgstr "Обмежити процедуру скасування визначення лише певним доменом." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "sss_debuglevel" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "змінити рівень діагностики протягом сеансу роботи з SSSD" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg " +"choice='plain'><replaceable>НОВИЙ_РІВЕНЬ_ДІАГНОСТИКИ</replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" +"<command>sss_debuglevel</command> змінює рівень діагностики засобу " +"спостереження та надавачів даних SSSD на вказане значення " +"<replaceable>НОВИЙ_РІВЕНЬ_ДІАГНОСТИКИ</replaceable> під час роботи SSSD." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "<replaceable>НОВИЙ_РІВЕНЬ_ДІАГНОСТИКИ</replaceable>" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "sss_ssh_authorizedkeys" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "1" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "отримати уповноважені ключі OpenSSH" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>параметри</replaceable> </arg> <arg " +"choice='plain'><replaceable>КОРИСТУВАЧ</replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" +"<command>sss_ssh_authorizedkeys</command> отримує відкриті ключі SSH для " +"користувача <replaceable>КОРИСТУВАЧ</replaceable> і виводить їх у форматі " +"authorized_keys OpenSSH (щоб дізнатися більше, див. розділ <quote>ФОРМАТ " +"ФАЙЛІВ AUTHORIZED_KEYS</quote> на сторінці підручника (man) з " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry>)." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> можна налаштувати на використання " +"<command>sss_ssh_authorizedkeys</command> для розпізнавання користувачів за " +"відкритими ключами, якщо програму зібрано з підтримкою параметра " +"<citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> <quote>AuthorizedKeysCommand</quote> або " +"<quote>PubkeyAgent</quote>." + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Якщо передбачено підтримку <quote>AuthorizedKeysCommand</quote>, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> можна налаштувати на використання ключів за допомогою такої " +"інструкції у <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry>: <placeholder type=\"programlisting" +"\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" +"Якщо передбачено підтримку <quote>PubkeyAgent</quote>, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> може бути налаштовано на використання ключів за допомогою " +"такої інструкції <citerefentry> <refentrytitle>sshd</refentrytitle> " +"<manvolnum>8</manvolnum></citerefentry>: <placeholder type=\"programlisting" +"\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:87 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" +"Шукати відкриті ключі користувачів у домені SSSD <replaceable>ДОМЕН</" +"replaceable>." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:98 +msgid "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" +"<citerefentry> <refentrytitle>sshd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sshd_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "sss_ssh_knownhostsproxy" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "отримати ключі вузла OpenSSH" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>параметри</replaceable> </arg> <arg " +"choice='plain'><replaceable>ВУЗОЛ</replaceable></arg> <arg " +"choice='opt'><replaceable>КОМАНДА_ПРОКСІ</replaceable></arg>" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" +"<command>sss_ssh_knownhostsproxy</command> отримує відкриті ключі вузла SSH " +"для вузла <replaceable>ВУЗОЛ</replaceable>, зберігає їх до нетипового файла " +"OpenSSH known_hosts (щоб дізнатися більше, ознайомтеся з розділом " +"<quote>ФОРМАТ ФАЙЛІВ SSH_KNOWN_HOSTS</quote> сторінки підручника (man) " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry>) за адресою <filename>/var/lib/sss/pubconf/known_hosts</" +"filename> і встановлює з’єднання з вузлом." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" +"Якщо вказано параметр <replaceable>КОМАНДА_ПРОКСІ</replaceable>, замість " +"відкриття сокета для створення з’єднання буде використано відповідну команду." + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" +msgstr "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile2 /var/lib/sss/pubconf/known_hosts\n" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> можна налаштувати на використання " +"<command>sss_ssh_knownhostsproxy</command> для розпізнавання вузлів за " +"ключами за допомогою таких інструкцій у налаштуваннях " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:69 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" +"<option>-p</option>,<option>--port</option> <replaceable>ПОРТ</replaceable>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:74 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" +"Використовувати для встановлення з’єднання з вузлом порт <replaceable>ПОРТ</" +"replaceable>. Типовим портом є порт 22." + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:86 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" +"Шукати відкриті ключі вузлів у домені SSSD <replaceable>ДОМЕН</replaceable>." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:97 +msgid "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." +msgstr "" +"<citerefentry> <refentrytitle>ssh</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>ssh_config</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>1</" +"manvolnum> </citerefentry>." + #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" @@ -7959,8 +8130,145 @@ msgstr "<option>-h</option>,<option>--help</option>" msgid "Display help message and exit." msgstr "Показати довідкове повідомлення і завершити роботу." -#~ msgid "ldap_purge_cache_timeout" -#~ msgstr "ldap_purge_cache_timeout" +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" +"Бітова маска, яка визначає рівні діагностики, дані яких буде показано. " +"0x0010 — типове і найменше можливе значення. 0xFFF0 — найдокладніший режим. " +"Визначення цього параметра має пріоритет над визначенням у файлі налаштувань." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "Рівні діагностики, передбачені у поточній версії:" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" +"<emphasis>0x0010</emphasis>: критичні помилки з аварійним завершенням " +"роботи. Всі помилки, які не дають SSSD змоги розпочати або продовжувати " +"роботу." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" +"<emphasis>0x0020</emphasis>: критичні помилки. Помилки, які не призводять до " +"аварійного завершення роботи SSSD, але означають, що одна з основних " +"можливостей не працює належним чином." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" +"<emphasis>0x0040</emphasis>: серйозні помилки. Повідомлення про такі помилки " +"означають, що не вдалося виконати певний запит або дію." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" +"<emphasis>0x0080</emphasis>: незначні помилки. Це помилки які можуть " +"призвести до помилок під час виконання дій." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "<emphasis>0x0100</emphasis>: параметри налаштування." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "<emphasis>0x0200</emphasis>: дані функцій." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "<emphasis>0x0400</emphasis>: повідомлення трасування для функцій дій." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" +"<emphasis>0x1000</emphasis>: повідомлення трасування для функцій " +"внутрішнього трасування." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" +"<emphasis>0x2000</emphasis>: вміст внутрішніх змінних функцій, який може " +"бути цікавим." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "<emphasis>0x4000</emphasis>: дані трасування найнижчого рівня." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" +"Щоб до журналу було записано дані потрібних рівнів діагностики, просто " +"додайте відповідні числа, як це показано у наведених нижче прикладах:" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" +"<emphasis>Example</emphasis>: щоб до журналу було записано дані щодо " +"критичних помилок з аварійним завершенням роботи, критичних помилок, " +"серйозних помилок та дані функцій, скористайтеся рівнем діагностики 0x0270." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" +"<emphasis>Приклад</emphasis>: щоб до журналу було записано критичні помилки " +"з аварійним завершенням роботи, параметри налаштування, дані функцій та " +"повідомлення трасування для функцій внутрішнього керування, скористайтеся " +"рівнем 0x1310." + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" +"<emphasis>Зауваження</emphasis>: цей новий формат визначення рівнів " +"діагностики впроваджено у версії 1.7.0. Визначення у форматах попередніх " +"версій (числа від 0 до 10) сумісні сз поточною версією, але вважаються " +"застарілими." -#~ msgid "Supported services: nss, pam" -#~ msgstr "Підтримувані служби: nss, pam" +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" +"<emphasis> Цю можливість ще не перевірено достатнім чином. Будь ласка, якщо " +"помітите якісь вади, повідомте про них за допомогою настанов на сторінці " +"http://fedorahosted.org/sssd. </emphasis>" diff --git a/src/man/po/ur.po b/src/man/po/ur.po deleted file mode 100644 index dd3df542b..000000000 --- a/src/man/po/ur.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Urdu <trans-urdu@lists.fedoraproject.org>\n" -"Language: ur\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1)\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/vi.po b/src/man/po/vi.po deleted file mode 100644 index 0dc99ef42..000000000 --- a/src/man/po/vi.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Vietnamese (http://www.transifex.net/projects/p/fedora/team/" -"vi/)\n" -"Language: vi\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po deleted file mode 100644 index 7660ec58e..000000000 --- a/src/man/po/zh_CN.po +++ /dev/null @@ -1,6314 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Chinese (China) (http://www.transifex.net/projects/p/fedora/" -"team/zh_CN/)\n" -"Language: zh_CN\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" diff --git a/src/man/po/zh_TW.po b/src/man/po/zh_TW.po deleted file mode 100644 index 3ee9d093a..000000000 --- a/src/man/po/zh_TW.po +++ /dev/null @@ -1,6313 +0,0 @@ -# SOME DESCRIPTIVE TITLE -# Copyright (C) YEAR Red Hat -# This file is distributed under the same license as the sssd-docs package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: SSSD\n" -"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-02-07 09:17-0500\n" -"PO-Revision-Date: 2010-12-23 15:35+0000\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: Chinese (Taiwan) <trans-zh_TW@lists.fedoraproject.org>\n" -"Language: zh_TW\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=1; plural=0\n" - -#. type: Content of: <reference><title> -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 -#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 -#: sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 -#: sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 -#: sss_groupshow.8.xml:5 sss_usermod.8.xml:5 -msgid "SSSD Manual pages" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 -msgid "sss_groupmod" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 -#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 -#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 -#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 -msgid "8" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupmod.8.xml:16 -msgid "modify a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupmod.8.xml:21 -msgid "" -"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 -#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 -#: sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 -#: sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 -#: sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 -msgid "DESCRIPTION" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:32 -msgid "" -"<command>sss_groupmod</command> modifies the group to reflect the changes " -"that are specified on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 -#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 -#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 -msgid "OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 -msgid "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:48 -msgid "" -"Append this group to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 -msgid "" -"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupmod.8.xml:62 -msgid "" -"Remove this group from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:1331 sssd-ldap.5.xml:2096 -#: pam_sss.8.xml:139 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 -#: sssd-ipa.5.xml:562 sssd.8.xml:191 sss_obfuscate.8.xml:103 -#: sss_useradd.8.xml:167 sssd-krb5.5.xml:451 sss_groupadd.8.xml:58 -#: sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 -#: sss_usermod.8.xml:138 -msgid "SEE ALSO" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupmod.8.xml:74 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 -msgid "sssd.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 -#: sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 -msgid "5" -msgstr "" - -#. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 -#: sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 -msgid "File Formats and Conventions" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 -#: sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 -msgid "the configuration file for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:21 -msgid "FILE FORMAT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:29 -#, no-wrap -msgid "" -" <replaceable>[section]</replaceable>\n" -" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" -" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:24 -msgid "" -"The file has an ini-style syntax and consists of sections and parameters. A " -"section begins with the name of the section in square brackets and continues " -"until the next section begins. An example of section with single and multi-" -"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:36 -msgid "" -"The data types used are string (no quotes needed), integer and bool (with " -"values of <quote>TRUE/FALSE</quote>)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:41 -msgid "" -"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -"(<quote>;</quote>)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:46 -msgid "" -"All sections can have an optional <replaceable>description</replaceable> " -"parameter. Its function is only as a label for the section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:52 -msgid "" -"<filename>sssd.conf</filename> must be a regular file, owned by root and " -"only root may read from or write to the file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:58 -msgid "SPECIAL SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:61 -msgid "The [sssd] section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:1177 -msgid "Section parameters" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:72 -msgid "config_file_version (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:75 -msgid "" -"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " -"version 2." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:81 -msgid "services" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:84 -msgid "" -"Comma separated list of services that are started when sssd itself starts." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:88 -msgid "" -"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:94 sssd.conf.5.xml:257 -msgid "reconnection_retries (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:97 sssd.conf.5.xml:260 -msgid "" -"Number of times services should attempt to reconnect in the event of a Data " -"Provider crash or restart before they give up" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:102 sssd.conf.5.xml:265 -msgid "Default: 3" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:107 -msgid "domains" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:110 -msgid "" -"A domain is a database containing user information. SSSD can use more " -"domains at the same time, but at least one must be configured or SSSD won't " -"start. This parameter described the list of domains in the order you want " -"them to be queried." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:120 -msgid "re_expression (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:123 -msgid "" -"Regular expression that describes how to parse the string containing user " -"name and domain into these components." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:127 -msgid "" -"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " -"which translates to \"the name is everything up to the <quote>@</quote> " -"sign, the domain everything after that\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:132 -msgid "" -"PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " -"version 7 or higher can support non-unique named subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 -msgid "" -"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" -"P<name>) to label subpatterns." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:146 -msgid "full_name_format (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:149 -msgid "" -"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" -"manvolnum> </citerefentry>-compatible format that describes how to translate " -"a (name, domain) tuple into a fully qualified name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:157 -msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:162 -msgid "try_inotify (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:165 -msgid "" -"SSSD monitors the state of resolv.conf to identify when it needs to update " -"its internal DNS resolver. By default, we will attempt to use inotify for " -"this, and will fall back to polling resolv.conf every five seconds if " -"inotify cannot be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:173 -msgid "" -"There are some limited situations where it is preferred that we should skip " -"even trying to use inotify. In these rare cases, this option should be set " -"to 'false'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:179 -msgid "" -"Default: true on platforms where inotify is supported. False on other " -"platforms." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:183 -msgid "" -"Note: this option will have no effect on platforms where inotify is " -"unavailable. On these platforms, polling will always be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:190 -msgid "krb5_rcache_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:193 -msgid "" -"Directory on the filesystem where SSSD should store Kerberos replay cache " -"files." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:197 -msgid "" -"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " -"SSSD to let libkrb5 decide the appropriate location for the replay cache." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:203 -msgid "" -"Default: Distribution-specific and specified at build-time. " -"(__LIBKRB5_DEFAULTS__ if not configured)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:63 -msgid "" -"Individual pieces of SSSD functionality are provided by special SSSD " -"services that are started and stopped together with SSSD. The services are " -"managed by a special service frequently called <quote>monitor</quote>. The " -"<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:216 -msgid "SERVICES SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:218 -msgid "" -"Settings that can be used to configure different services are described in " -"this section. They should reside in the [<replaceable>$NAME</replaceable>] " -"section, for example, for NSS service, the section would be <quote>[nss]</" -"quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:225 -msgid "General service configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:227 -msgid "These options can be used to configure any service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:231 -msgid "debug_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:235 -msgid "debug_timestamps (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:238 -msgid "Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd.conf.5.xml:376 sssd-ldap.5.xml:1328 -#: sssd-ldap.5.xml:1446 sssd-ipa.5.xml:206 sssd-ipa.5.xml:241 -msgid "Default: true" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:246 -msgid "debug_microseconds (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 -msgid "Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:252 sssd.conf.5.xml:641 sssd-ldap.5.xml:602 -#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1397 sssd-ldap.5.xml:1795 -#: sssd-ipa.5.xml:123 sssd-ipa.5.xml:301 sssd-krb5.5.xml:235 -#: sssd-krb5.5.xml:269 sssd-krb5.5.xml:418 -msgid "Default: false" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:270 -msgid "command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:273 -msgid "" -"By default, the executable representing this service is called <command>sssd_" -"${service_name}</command>. This directive allows to change the executable " -"name for the service. In the vast majority of configurations, the default " -"values should suffice." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:281 -msgid "Default: <command>sssd_${service_name}</command>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:289 -msgid "NSS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:291 -msgid "" -"These options can be used to configure the Name Service Switch (NSS) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:296 -msgid "enum_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 -msgid "" -"How many seconds should nss_sss cache enumerations (requests for info about " -"all users)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 -msgid "Default: 120" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:308 -msgid "entry_cache_nowait_percentage (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:311 -msgid "" -"The entry cache can be set to automatically update entries in the background " -"if they are requested beyond a percentage of the entry_cache_timeout value " -"for the domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:317 -msgid "" -"For example, if the domain's entry_cache_timeout is set to 30s and " -"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " -"after 15 seconds past the last cache update will be returned immediately, " -"but the SSSD will go and update the cache on its own, so that future " -"requests will not need to block waiting for a cache update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:327 -msgid "" -"Valid values for this option are 0-99 and represent a percentage of the " -"entry_cache_timeout for each domain. For performance reasons, this " -"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " -"disables this feature)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:335 -msgid "Default: 50" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:340 -msgid "entry_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:343 -msgid "" -"Specifies for how many seconds nss_sss should cache negative cache hits " -"(that is, queries for invalid database entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:349 sssd.conf.5.xml:669 sssd-krb5.5.xml:223 -msgid "Default: 15" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:354 -msgid "filter_users, filter_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:357 -msgid "" -"Exclude certain users from being fetched from the sss NSS database. This is " -"particularly useful for system accounts. This option can also be set per-" -"domain or include fully-qualified names to filter only users from the " -"particular domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:364 -msgid "Default: root" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 -msgid "filter_users_in_groups (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 -msgid "" -"If you want filtered user still be group members set this option to false." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:381 -msgid "override_homedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:390 sssd-krb5.5.xml:166 -msgid "%u" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:391 sssd-krb5.5.xml:167 -msgid "login name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:394 sssd-krb5.5.xml:170 -msgid "%U" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:395 -msgid "UID number" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:398 sssd-krb5.5.xml:188 -msgid "%d" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 -msgid "domain name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:402 -msgid "%f" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:403 -msgid "fully qualified user name (user@domain)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:406 sssd-krb5.5.xml:200 -msgid "%%" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:407 sssd-krb5.5.xml:201 -msgid "a literal '%'" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:384 -msgid "" -"Override the user's home directory. You can either provide an absolute value " -"or a template. In the template, the following sequences are substituted: " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:413 -msgid "This option can also be set per-domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 -msgid "allowed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 -msgid "" -"Restrict user shell to one of the listed values. The order of evaluation is:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:424 -msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 -msgid "" -"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" -"quote>, use the value of the shell_fallback parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 -msgid "" -"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" -"shells</quote>, a nologin shell is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:438 -msgid "An empty string for shell is passed as-is to libc." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:441 -msgid "" -"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " -"that a restart of the SSSD is required in case a new shell is installed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:445 -msgid "Default: Not set. The user shell is automatically used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:450 -msgid "vetoed_shells (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:453 -msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:458 -msgid "shell_fallback (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:461 -msgid "" -"The default shell to use if an allowed shell is not installed on the machine." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:465 -msgid "Default: /bin/sh" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:472 -msgid "PAM configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:474 -msgid "" -"These options can be used to configure the Pluggable Authentication Module " -"(PAM) service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:479 -msgid "offline_credentials_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:482 -msgid "" -"If the authentication provider is offline, how long should we allow cached " -"logins (in days since the last successful online login)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:487 sssd.conf.5.xml:500 -msgid "Default: 0 (No limit)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:493 -msgid "offline_failed_login_attempts (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 -msgid "" -"If the authentication provider is offline, how many failed login attempts " -"are allowed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:506 -msgid "offline_failed_login_delay (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:509 -msgid "" -"The time in minutes which has to pass after offline_failed_login_attempts " -"has been reached before a new login attempt is possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:514 -msgid "" -"If set to 0 the user cannot authenticate offline if " -"offline_failed_login_attempts has been reached. Only a successful online " -"authentication can enable offline authentication again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 sssd.conf.5.xml:573 sssd.conf.5.xml:1093 -msgid "Default: 5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:526 -msgid "pam_verbosity (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:529 -msgid "" -"Controls what kind of messages are shown to the user during authentication. " -"The higher the number to more messages are displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 -msgid "Currently sssd supports the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:537 -msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:540 -msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:544 -msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:547 -msgid "<emphasis>3</emphasis>: show all messages and debug information" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:551 sssd.8.xml:63 -msgid "Default: 1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:556 -msgid "pam_id_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 -msgid "" -"For any PAM request while SSSD is online, the SSSD will attempt to " -"immediately update the cached identity information for the user in order to " -"ensure that authentication takes place with the latest information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:565 -msgid "" -"A complete PAM conversation may perform multiple PAM requests, such as " -"account management and session opening. This option controls (on a per-" -"client-application basis) how long (in seconds) we can cache the identity " -"information to avoid excessive round-trips to the identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:579 -msgid "pam_pwd_expiration_warning (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:582 -msgid "Display a warning N days before the password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:585 -msgid "" -"Please note that the backend server has to provide information about the " -"expiration time of the password. If this information is missing, sssd " -"cannot display a warning." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 -msgid "Default: 7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:599 -msgid "SUDO configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:601 -msgid "These options can be used to configure the sudo service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:608 -msgid "sudo_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:611 -msgid "" -"For any sudo request that comes while SSSD is online, the SSSD will attempt " -"to update the cached rules in order to ensure that sudo has the latest " -"ruleset." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 -msgid "" -"The user may, however, run a couple of sudo commands successively, which " -"would trigger multiple LDAP requests. In order to speed up this use-case, " -"the sudo service maintains an in-memory cache that would be used for " -"performing fast replies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:624 -msgid "" -"This option controls how long (in seconds) can the sudo service cache rules " -"for a user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 -msgid "Default: 180" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:633 -msgid "sudo_timed (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:636 -msgid "" -"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " -"that implement time-dependent sudoers entries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:649 -msgid "AUTOFS configuration options" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:651 -msgid "These options can be used to configure the autofs service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:659 -msgid "autofs_negative_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:662 -msgid "" -"Specifies for how many seconds should the autofs respondercache negative " -"cache hits (that is, queries for invalid map entries, like nonexistent ones) " -"before asking the back end again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:679 -msgid "DOMAIN SECTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:686 -msgid "min_id,max_id (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 -msgid "" -"UID and GID limits for the domain. If a domain contains an entry that is " -"outside these limits, it is ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:694 -msgid "" -"For users, this affects the primary GID limit. The user will not be returned " -"to NSS if either the UID or the primary GID is outside the range. For non-" -"primary group memberships, those that are in range will be reported as " -"expected." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 -msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:707 -msgid "timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 -msgid "" -"Timeout in seconds between heartbeats for this domain. This is used to " -"ensure that the backend process is alive and capable of answering requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:715 sssd-ldap.5.xml:1131 -msgid "Default: 10" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:721 -msgid "enumerate (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 -msgid "" -"Determines if a domain can be enumerated. This parameter can have one of the " -"following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 -msgid "TRUE = Users and groups are enumerated" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:731 -msgid "FALSE = No enumerations for this domain" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:839 sssd.conf.5.xml:893 -msgid "Default: FALSE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 -msgid "" -"Note: Enabling enumeration has a moderate performance impact on SSSD while " -"enumeration is running. It may take up to several minutes after SSSD startup " -"to fully complete enumerations. During this time, individual requests for " -"information will go directly to LDAP, though it may be slow, due to the " -"heavy enumeration processing." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:747 -msgid "" -"While the first enumeration is running, requests for the complete user or " -"group lists may return no results until it completes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:752 -msgid "" -"Further, enabling enumeration may increase the time necessary to detect " -"network disconnection, as longer timeouts are required to ensure that " -"enumeration lookups are completed successfully. For more information, refer " -"to the man pages for the specific id_provider in use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:763 -msgid "entry_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:766 -msgid "" -"How many seconds should nss_sss consider entries valid before asking the " -"backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:770 -msgid "Default: 5400" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:776 -msgid "entry_cache_user_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 -msgid "" -"How many seconds should nss_sss consider user entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:783 sssd.conf.5.xml:796 sssd.conf.5.xml:809 -#: sssd.conf.5.xml:822 -msgid "Default: entry_cache_timeout" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:789 -msgid "entry_cache_group_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:792 -msgid "" -"How many seconds should nss_sss consider group entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 -msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 -msgid "" -"How many seconds should nss_sss consider netgroup entries valid before " -"asking the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:815 -msgid "entry_cache_service_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 -msgid "" -"How many seconds should nss_sss consider service entries valid before asking " -"the backend again" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:828 -msgid "cache_credentials (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 -msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 -msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:844 -msgid "account_cache_expiration (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:847 -msgid "" -"Number of days entries are left in cache after last successful login before " -"being removed during a cleanup of the cache. 0 means keep forever. The " -"value of this parameter must be greater than or equal to " -"offline_credentials_expiration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 -msgid "Default: 0 (unlimited)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 -msgid "id_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 -msgid "The Data Provider identity backend to use for this domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:867 -msgid "Supported backends:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:870 -msgid "proxy: Support a legacy NSS provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 -msgid "local: SSSD internal local provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:876 -msgid "ldap: LDAP provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 -msgid "use_fully_qualified_names (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 -msgid "" -"If set to TRUE, all requests to this domain must use fully qualified names. " -"For example, if used in LOCAL domain that contains a \"test\" user, " -"<command>getent passwd test</command> wouldn't find the user while " -"<command>getent passwd test@LOCAL</command> would." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:898 -msgid "auth_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:901 -msgid "" -"The authentication provider used for the domain. Supported auth providers " -"are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 -msgid "" -"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 -msgid "" -"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 -msgid "" -"<quote>proxy</quote> for relaying authentication to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 -msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:925 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"authentication requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:931 -msgid "access_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:934 -msgid "" -"The access control provider used for the domain. There are two built-in " -"access providers (in addition to any included in installed backends) " -"Internal special providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 -msgid "<quote>permit</quote> always allow access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 -msgid "<quote>deny</quote> always deny access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:946 -msgid "" -"<quote>simple</quote> access control based on access or deny lists. See " -"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> for more information on configuring the simple " -"access module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 -msgid "Default: <quote>permit</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:958 -msgid "chpass_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:961 -msgid "" -"The provider which should handle change password operations for the domain. " -"Supported change password providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:974 -msgid "" -"<quote>ldap</quote> to change a password stored in a LDAP server. See " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 -msgid "" -"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring Kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:990 -msgid "" -"<quote>proxy</quote> for relaying password changes to some other PAM target." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:994 -msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 -msgid "" -"Default: <quote>auth_provider</quote> is used if it is set and can handle " -"change password requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1004 -msgid "sudo_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1010 -msgid "The SUDO provider used for the domain. Supported SUDO providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1014 -msgid "" -"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more information on configuring LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 -msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1024 -msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1030 -msgid "session_provider (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1033 -msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1038 -msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> for more information on configuring IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1046 -msgid "<quote>none</quote> disallows fetching session settings explicitly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1049 -msgid "" -"Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 -msgid "lookup_family_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "" -"Provides the ability to select preferred address family to use when " -"performing DNS lookups." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 -msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 -msgid "Default: ipv4_first" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1084 -msgid "dns_resolver_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 -msgid "" -"Defines the amount of time (in seconds) to wait for a reply from the DNS " -"resolver before assuming that it is unreachable. If this timeout is reached, " -"the domain will continue to operate in offline mode." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 -msgid "dns_discovery_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 -msgid "" -"If service discovery is used in the back end, specifies the domain part of " -"the service discovery DNS query." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 -msgid "Default: Use the domain part of machine's hostname" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1112 -msgid "override_gid (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1115 -msgid "Override the primary GID value with the one specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1121 -msgid "case_sensitive (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 -msgid "" -"Treat user and group names as case sensitive. At the moment, this option is " -"not supported in the local provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 -msgid "Default: True" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:681 -msgid "" -"These configuration options can be present in a domain configuration " -"section, that is, in a section called <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1141 -msgid "proxy_pam_target (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 -msgid "The proxy target PAM proxies to." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 -msgid "" -"Default: not set by default, you have to take an existing pam configuration " -"or create a new one and add the service name here." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1155 -msgid "proxy_lib_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 -msgid "" -"The name of the NSS library to use in proxy domains. The NSS functions " -"searched for in the library are in the form of _nss_$(libName)_$(function), " -"for example _nss_files_getpwent." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1137 -msgid "" -"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" -"\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1170 -msgid "The local domain section" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1172 -msgid "" -"This section contains settings for domain that stores users and groups in " -"SSSD native database, that is, a domain that uses " -"<replaceable>id_provider=local</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1179 -msgid "default_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1182 -msgid "The default shell for users created with SSSD userspace tools." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1186 -msgid "Default: <filename>/bin/bash</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1191 -msgid "base_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 -msgid "" -"The tools append the login name to <replaceable>base_directory</replaceable> " -"and use that as the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1199 -msgid "Default: <filename>/home</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1204 -msgid "create_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1207 -msgid "" -"Indicate if a home directory should be created by default for new users. " -"Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:1223 -msgid "Default: TRUE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1216 -msgid "remove_homedir (bool)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 -msgid "" -"Indicate if a home directory should be removed by default for deleted " -"users. Can be overridden on command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1228 -msgid "homedir_umask (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1231 -msgid "" -"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " -"on a newly created home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 -msgid "Default: 077" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1244 -msgid "skel_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1257 -msgid "Default: <filename>/etc/skel</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1262 -msgid "mail_dir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1265 -msgid "" -"The mail spool directory. This is needed to manipulate the mailbox when its " -"corresponding user account is modified or deleted. If not specified, a " -"default value is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 -msgid "Default: <filename>/var/mail</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 -msgid "userdel_cmd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 -msgid "" -"The command that is run after a user is removed. The command us passed the " -"username of the user being removed as the first and only parameter. The " -"return code of the command is not taken into account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1286 -msgid "Default: None, no command is run" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1296 sssd-ldap.5.xml:2064 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:544 sssd-krb5.5.xml:432 -msgid "EXAMPLE" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1302 -#, no-wrap -msgid "" -"[sssd]\n" -"domains = LDAP\n" -"services = nss, pam\n" -"config_file_version = 2\n" -"\n" -"[nss]\n" -"filter_groups = root\n" -"filter_users = root\n" -"\n" -"[pam]\n" -"\n" -"[domain/LDAP]\n" -"id_provider = ldap\n" -"ldap_uri = ldap://ldap.example.com\n" -"ldap_search_base = dc=example,dc=com\n" -"\n" -"auth_provider = krb5\n" -"krb5_server = kerberos.example.com\n" -"krb5_realm = EXAMPLE.COM\n" -"cache_credentials = true\n" -"\n" -"min_id = 10000\n" -"max_id = 20000\n" -"enumerate = False\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1298 -msgid "" -"The following example shows a typical SSSD config. It does not describe " -"configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder type=\"programlisting\" " -"id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1333 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 -msgid "sssd-ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:23 -msgid "" -"This manual page describes the configuration of LDAP domains for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for detailed syntax information." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:35 -msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:38 -msgid "" -"LDAP back end supports id, auth, access and chpass providers. If you want to " -"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " -"<command>sssd</command> <emphasis>does not</emphasis> support authentication " -"over an unencrypted channel. If the LDAP server is used only as an identity " -"provider, an encrypted channel is not needed. Please refer to " -"<quote>ldap_access_filter</quote> config option for more information about " -"using LDAP as an access provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 -#: sssd-krb5.5.xml:63 -msgid "CONFIGURATION OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:63 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference. Refer to the <quote>FAILOVER</" -"quote> section for more information on failover and server redundancy. If " -"not specified, service discovery is enabled. For more information, refer to " -"the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:70 -msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:73 -msgid "ldap[s]://<host>[:port]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:76 -msgid "" -"For explicit IPv6 addresses, <host> must be enclosed in brackets []" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:79 -msgid "example: ldap://[fc00::126:25]:389" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:88 -msgid "" -"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " -"should connect in the order of preference to change the password of a user. " -"Refer to the <quote>FAILOVER</quote> section for more information on " -"failover and server redundancy." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:95 -msgid "To enable service discovery ldap_chpass_dns_service_name must be set." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:99 -msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:105 -msgid "ldap_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:108 -msgid "The default base DN to use for performing LDAP user operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:112 -msgid "" -"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " -"syntax:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 -msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:119 -msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:122 -msgid "" -"The filter must be a valid LDAP search filter as specified by http://www." -"ietf.org/rfc/rfc2254.txt" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 -msgid "Examples:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:129 -msgid "" -"ldap_search_base = dc=example,dc=com (which is equivalent to) " -"ldap_search_base = dc=example,dc=com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:134 -msgid "" -"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" -"(host=thishost)?dc=example.com?subtree?" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:137 -msgid "" -"Note: It is unsupported to have multiple search bases which reference " -"identically-named objects (for example, groups with the same name in two " -"different search bases). This will lead to unpredictable behavior on client " -"machines." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:144 -msgid "" -"Default: If not set, the value of the defaultNamingContext or namingContexts " -"attribute from the RootDSE of the LDAP server is used. If " -"defaultNamingContext does not exists or has an empty value namingContexts is " -"used. The namingContexts attribute must have a single value with the DN of " -"the search base of the LDAP server to make this work. Multiple values are " -"are not supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:158 -msgid "ldap_schema (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:161 -msgid "" -"Specifies the Schema Type in use on the target LDAP server. Depending on " -"the selected schema, the default attribute names retrieved from the servers " -"may vary. The way that some attributes are handled may also differ. Three " -"schema types are currently supported: rfc2307 rfc2307bis IPA The main " -"difference between these schema types is how group memberships are recorded " -"in the server. With rfc2307, group members are listed by name in the " -"<emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, group " -"members are listed by DN and stored in the <emphasis>member</emphasis> " -"attribute." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 -msgid "Default: rfc2307" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 -msgid "ldap_default_bind_dn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 -msgid "The default bind DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:196 -msgid "ldap_default_authtok_type (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:199 -msgid "The type of the authentication token of the default bind DN." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:203 -msgid "The two mechanisms currently supported are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 -msgid "password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:209 -msgid "obfuscated_password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 -msgid "Default: password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:218 -msgid "ldap_default_authtok (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:221 -msgid "" -"The authentication token of the default bind DN. Only clear text passwords " -"are currently supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:228 -msgid "ldap_user_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:231 -msgid "The object class of a user entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:234 -msgid "Default: posixAccount" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:240 -msgid "ldap_user_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:243 -msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:247 -msgid "Default: uid" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:253 -msgid "ldap_user_uid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:256 -msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:260 -msgid "Default: uidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:266 -msgid "ldap_user_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:269 -msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:273 sssd-ldap.5.xml:740 -msgid "Default: gidNumber" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:279 -msgid "ldap_user_gecos (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:282 -msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:286 -msgid "Default: gecos" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:292 -msgid "ldap_user_home_directory (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:295 -msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 -msgid "Default: homeDirectory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:305 -msgid "ldap_user_shell (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 -msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 -msgid "Default: loginShell" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 -msgid "ldap_user_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 sssd-ldap.5.xml:766 sssd-ldap.5.xml:878 -msgid "Default: nsUniqueId" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 -msgid "ldap_user_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 sssd-ldap.5.xml:775 sssd-ldap.5.xml:887 -msgid "" -"The LDAP attribute that contains timestamp of the last modification of the " -"parent object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 sssd-ldap.5.xml:779 sssd-ldap.5.xml:894 -msgid "Default: modifyTimestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 -msgid "ldap_user_shadow_last_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " -"the last password change)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:357 -msgid "Default: shadowLastChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:363 -msgid "ldap_user_shadow_min (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:366 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:375 -msgid "Default: shadowMin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:381 -msgid "ldap_user_shadow_max (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:384 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " -"password age)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 -msgid "Default: shadowMax" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 -msgid "ldap_user_shadow_warning (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password warning period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 -msgid "Default: shadowWarning" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 -msgid "ldap_user_shadow_inactive (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 -msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " -"(password inactivity period)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:431 -msgid "Default: shadowInactive" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:437 -msgid "ldap_user_shadow_expire (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:440 -msgid "" -"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " -"parameter contains the name of an LDAP attribute corresponding to its " -"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> counterpart (account expiration date)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 -msgid "Default: shadowExpire" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:456 -msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:459 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time of last password change in " -"kerberos." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:465 -msgid "Default: krbLastPwdChange" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:471 -msgid "ldap_user_krb_password_expiration (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 -msgid "" -"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " -"an LDAP attribute storing the date and time when current password expires." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:480 -msgid "Default: krbPasswordExpiration" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:486 -msgid "ldap_user_ad_account_expires (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:489 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the expiration time of the account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:494 -msgid "Default: accountExpires" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:500 -msgid "ldap_user_ad_user_account_control (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:503 -msgid "" -"When using ldap_account_expire_policy=ad, this parameter contains the name " -"of an LDAP attribute storing the user account control bit field." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:508 -msgid "Default: userAccountControl" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:514 -msgid "ldap_ns_account_lock (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:517 -msgid "" -"When using ldap_account_expire_policy=rhds or equivalent, this parameter " -"determines if access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:522 -msgid "Default: nsAccountLock" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:528 -msgid "ldap_user_nds_login_disabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:531 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines if " -"access is allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 sssd-ldap.5.xml:549 -msgid "Default: loginDisabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 -msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines until " -"which date access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 -msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 -msgid "" -"When using ldap_account_expire_policy=nds, this attribute determines the " -"hours of a day in a week when access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 -msgid "Default: loginAllowedTimeMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 -msgid "ldap_user_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 -msgid "" -"The LDAP attribute that contains the user's Kerberos User Principal Name " -"(UPN)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:576 -msgid "Default: krbPrincipalName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:582 -msgid "ldap_user_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:585 -msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:592 -msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:595 -msgid "" -"Some directory servers, for example Active Directory, might deliver the " -"realm part of the UPN in lower case, which might cause the authentication to " -"fail. Set this option to a non-zero value if you want to use an upper-case " -"realm." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:608 -msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:611 -msgid "" -"Specifies how many seconds SSSD has to wait before refreshing its cache of " -"enumerated records." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 sssd-ldap.5.xml:1808 -msgid "Default: 300" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:622 -msgid "ldap_purge_cache_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:625 -msgid "" -"Determine how often to check the cache for inactive entries (such as groups " -"with no members and users who have never logged in) and remove them to save " -"space." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 -msgid "Setting this option to zero will disable the cache cleanup operation." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:635 -msgid "Default: 10800 (12 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:641 -msgid "ldap_user_fullname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 -msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:648 sssd-ldap.5.xml:727 sssd-ldap.5.xml:828 -#: sssd-ldap.5.xml:919 sssd-ldap.5.xml:1663 sssd-ldap.5.xml:1881 -#: sssd-ipa.5.xml:422 -msgid "Default: cn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:654 -msgid "ldap_user_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:657 -msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:661 sssd-ipa.5.xml:326 -msgid "Default: memberOf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:667 -msgid "ldap_user_authorized_service (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:670 -msgid "" -"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " -"use the presence of the authorizedService attribute in the user's LDAP entry " -"to determine access privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:677 -msgid "" -"An explicit deny (!svc) is resolved first. Second, SSSD searches for " -"explicit allow (svc) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:682 -msgid "Default: authorizedService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:688 -msgid "ldap_user_authorized_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:691 -msgid "" -"If access_provider=ldap and ldap_access_order=host, SSSD will use the " -"presence of the host attribute in the user's LDAP entry to determine access " -"privilege." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:697 -msgid "" -"An explicit deny (!host) is resolved first. Second, SSSD searches for " -"explicit allow (host) and finally for allow_all (*)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 -msgid "Default: host" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:708 -msgid "ldap_group_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:711 -msgid "The object class of a group entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:714 -msgid "Default: posixGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:720 -msgid "ldap_group_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:723 -msgid "The LDAP attribute that corresponds to the group name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:733 -msgid "ldap_group_gid_number (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:736 -msgid "The LDAP attribute that corresponds to the group's id." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:746 -msgid "ldap_group_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 -msgid "The LDAP attribute that contains the names of the group's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:753 -msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:759 -msgid "ldap_group_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 -msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 -msgid "ldap_group_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:785 -msgid "ldap_group_nesting_level (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 -msgid "" -"If ldap_schema is set to a schema format that supports nested groups (e.g. " -"RFC2307bis), then this option controls how many levels of nesting SSSD will " -"follow. This option has no effect on the RFC2307 schema." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:795 -msgid "Default: 2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:801 -msgid "ldap_netgroup_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 -msgid "The object class of a netgroup entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:807 -msgid "In IPA provider, ipa_netgroup_object_class should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:811 -msgid "Default: nisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:817 -msgid "ldap_netgroup_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 -msgid "The LDAP attribute that corresponds to the netgroup name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:824 -msgid "In IPA provider, ipa_netgroup_name should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:834 -msgid "ldap_netgroup_member (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:837 -msgid "The LDAP attribute that contains the names of the netgroup's members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:841 -msgid "In IPA provider, ipa_netgroup_member should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 -msgid "Default: memberNisNetgroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 -msgid "ldap_netgroup_triple (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 -msgid "" -"The LDAP attribute that contains the (host, user, domain) netgroup triples." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:858 sssd-ldap.5.xml:891 -msgid "This option is not available in IPA provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:861 -msgid "Default: nisNetgroupTriple" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:867 -msgid "ldap_netgroup_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:870 -msgid "" -"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 -msgid "In IPA provider, ipa_netgroup_uuid should be used instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 -msgid "ldap_netgroup_modify_timestamp (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 -msgid "ldap_service_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 -msgid "The object class of a service entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:906 -msgid "Default: ipService" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 -msgid "ldap_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 -msgid "" -"The LDAP attribute that contains the name of service attributes and their " -"aliases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:925 -msgid "ldap_service_port (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:928 -msgid "The LDAP attribute that contains the port managed by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:932 -msgid "Default: ipServicePort" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:938 -msgid "ldap_service_proto (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:941 -msgid "" -"The LDAP attribute that contains the protocols understood by this service." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:945 -msgid "Default: ipServiceProtocol" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:951 -msgid "ldap_service_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:954 -msgid "An optional base DN to restrict service searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:958 sssd-ldap.5.xml:1918 sssd-ldap.5.xml:1937 -#: sssd-ldap.5.xml:1956 sssd-ldap.5.xml:2019 sssd-ldap.5.xml:2041 -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 -msgid "" -"See <quote>ldap_search_base</quote> for information about configuring " -"multiple search bases." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 sssd-ldap.5.xml:1923 sssd-ldap.5.xml:1942 -#: sssd-ldap.5.xml:1961 sssd-ldap.5.xml:2024 sssd-ldap.5.xml:2046 -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 -msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:970 -msgid "ldap_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 -msgid "" -"Specifies the timeout (in seconds) that ldap searches are allowed to run " -"before they are cancelled and cached results are returned (and offline mode " -"is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 -msgid "" -"Note: this option is subject to change in future versions of the SSSD. It " -"will likely be replaced at some point by a series of timeouts for specific " -"lookup types." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:985 sssd-ldap.5.xml:1027 sssd-ldap.5.xml:1042 -msgid "Default: 6" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:991 -msgid "ldap_enumeration_search_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:994 -msgid "" -"Specifies the timeout (in seconds) that ldap searches for user and group " -"enumerations are allowed to run before they are cancelled and cached results " -"are returned (and offline mode is entered)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1001 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1007 -msgid "ldap_network_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 -msgid "" -"Specifies the timeout (in seconds) after which the <citerefentry> " -"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" -"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" -"manvolnum> </citerefentry> following a <citerefentry> " -"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" -"citerefentry> returns in case of no activity." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 -msgid "ldap_opt_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 -msgid "" -"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " -"will abort if no response is received. Also controls the timeout when " -"communicating with the KDC in case of SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1048 -msgid "ldap_connection_expire_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 -msgid "" -"Specifies a timeout (in seconds) that a connection to an LDAP server will be " -"maintained. After this time, the connection will be re-established. If used " -"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " -"the TGT lifetime) will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 -msgid "Default: 900 (15 minutes)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 -msgid "ldap_page_size (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 -msgid "" -"Specify the number of records to retrieve from LDAP in a single request. " -"Some LDAP servers enforce a maximum limit per-request." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 -msgid "Default: 1000" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1079 -msgid "ldap_disable_paging" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1082 -msgid "" -"Disable the LDAP paging control. This option should be used if the LDAP " -"server reports that it supports the LDAP paging control in its RootDSE but " -"it is not enabled or does not behave properly." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1088 -msgid "" -"Example: OpenLDAP servers with the paging control module installed on the " -"server but not enabled will report it in the RootDSE but be unable to use it." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1094 -msgid "" -"Example: 389 DS has a bug where it can only support a one paging control at " -"a time on a single connection. On busy clients, this can result in some " -"requests being denied." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 -msgid "ldap_deref_threshold (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 -msgid "" -"Specify the number of group members that must be missing from the internal " -"cache in order to trigger a dereference lookup. If less members are missing, " -"they are looked up individually." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1112 -msgid "" -"You can turn off dereference lookups completely by setting the value to 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1116 -msgid "" -"A dereference lookup is a means of fetching all group members in a single " -"LDAP call. Different LDAP servers may implement different dereference " -"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " -"Directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1124 -msgid "" -"<emphasis>Note:</emphasis> If any of the search bases specifies a search " -"filter, then the dereference lookup performance enhancement will be disabled " -"regardless of this setting." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1137 -msgid "ldap_tls_reqcert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 -msgid "" -"Specifies what checks to perform on server certificates in a TLS session, if " -"any. It can be specified as one of the following values:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1146 -msgid "" -"<emphasis>never</emphasis> = The client will not request or check any server " -"certificate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1150 -msgid "" -"<emphasis>allow</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, it will be ignored and the session proceeds normally." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 -msgid "" -"<emphasis>try</emphasis> = The server certificate is requested. If no " -"certificate is provided, the session proceeds normally. If a bad certificate " -"is provided, the session is immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 -msgid "" -"<emphasis>demand</emphasis> = The server certificate is requested. If no " -"certificate is provided, or a bad certificate is provided, the session is " -"immediately terminated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 -msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1173 -msgid "Default: hard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1179 -msgid "ldap_tls_cacert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1182 -msgid "" -"Specifies the file that contains certificates for all of the Certificate " -"Authorities that <command>sssd</command> will recognize." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 sssd-ldap.5.xml:1205 sssd-ldap.5.xml:1246 -msgid "" -"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." -"conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1194 -msgid "ldap_tls_cacertdir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1197 -msgid "" -"Specifies the path of a directory that contains Certificate Authority " -"certificates in separate individual files. Typically the file names need to " -"be the hash of the certificate followed by '.0'. If available, " -"<command>cacertdir_rehash</command> can be used to create the correct names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1212 -msgid "ldap_tls_cert (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1215 -msgid "Specifies the file that contains the certificate for the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1979 -#: sssd-ldap.5.xml:2006 sssd-krb5.5.xml:359 -msgid "Default: not set" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1225 -msgid "ldap_tls_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 -msgid "Specifies the file that contains the client's key." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1237 -msgid "ldap_tls_cipher_suite (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1240 -msgid "" -"Specifies acceptable cipher suites. Typically this is a colon sperated " -"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> for format." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1253 -msgid "ldap_id_use_start_tls (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1256 -msgid "" -"Specifies that the id_provider connection must also use <systemitem class=" -"\"protocol\">tls</systemitem> to protect the channel." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1266 -msgid "ldap_sasl_mech (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1269 -msgid "" -"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " -"supported." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1428 -msgid "Default: none" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 -msgid "ldap_sasl_authid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 -msgid "" -"Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 -msgid "Default: host/machine.fqdn@REALM" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1293 -msgid "ldap_sasl_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1296 -msgid "" -"If set to true, the LDAP library would perform a reverse lookup to " -"canonicalize the host name during a SASL bind." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1301 -msgid "Default: false;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1307 -msgid "ldap_krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1310 -msgid "Specify the keytab to use when using SASL/GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1313 -msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1319 -msgid "ldap_krb5_init_creds (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1322 -msgid "" -"Specifies that the id_provider should init Kerberos credentials (TGT). This " -"action is performed only if SASL is used and the mechanism selected is " -"GSSAPI." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1334 -msgid "ldap_krb5_ticket_lifetime (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 -msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1341 -msgid "Default: 86400 (24 hours)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1347 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1350 sssd-krb5.5.xml:77 -msgid "" -"Specifies the comma-separated list of IP addresses or hostnames of the " -"Kerberos servers to which SSSD should connect in the order of preference. " -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. An optional port number (preceded by a " -"colon) may be appended to the addresses or hostnames. If empty, service " -"discovery is enabled - for more information, refer to the <quote>SERVICE " -"DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1362 sssd-krb5.5.xml:89 -msgid "" -"When using service discovery for KDC or kpasswd servers, SSSD first searches " -"for DNS entries that specify _udp as the protocol and falls back to _tcp if " -"none are found." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 sssd-krb5.5.xml:94 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " -"While the legacy name is recognized for the time being, users are advised to " -"migrate their config files to use <quote>krb5_server</quote> instead." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 sssd-ipa.5.xml:216 sssd-krb5.5.xml:103 -msgid "krb5_realm (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1379 -msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1382 -msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1388 sssd-ipa.5.xml:231 sssd-krb5.5.xml:409 -msgid "krb5_canonicalize (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1391 -msgid "" -"Specifies if the host principal should be canonicalized when connecting to " -"LDAP server. This feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1403 -msgid "ldap_pwd_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1406 -msgid "" -"Select the policy to evaluate the password expiration on the client side. " -"The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1411 -msgid "" -"<emphasis>none</emphasis> - No evaluation on the client side. This option " -"cannot disable server-side password policies." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1416 -msgid "" -"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" -"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " -"evaluate if the password has expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1422 -msgid "" -"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " -"to determine if the password has expired. Use chpass_provider=krb5 to update " -"these attributes when the password is changed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1434 -msgid "ldap_referrals (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 -msgid "Specifies whether automatic referral chasing should be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1441 -msgid "" -"Please note that sssd only supports referral chasing when it is compiled " -"with OpenLDAP version 2.4.13 or higher." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1452 -msgid "ldap_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 -msgid "Specifies the service name to use when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1459 -msgid "Default: ldap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1465 -msgid "ldap_chpass_dns_service_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1468 -msgid "" -"Specifies the service name to use to find an LDAP server which allows " -"password changes when service discovery is enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 -msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 -msgid "ldap_access_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 -msgid "" -"If using access_provider = ldap, this option is mandatory. It specifies an " -"LDAP search filter criteria that must be met for the user to be granted " -"access on this host. If access_provider = ldap and this option is not set, " -"it will result in all users being denied access. Use access_provider = allow " -"to change this default behavior." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1492 sssd-ldap.5.xml:1982 -msgid "Example:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1495 -#, no-wrap -msgid "" -"access_provider = ldap\n" -"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1499 -msgid "" -"This example means that access to this host is restricted to members of the " -"\"allowedusers\" group in ldap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1504 -msgid "" -"Offline caching for this feature is limited to determining whether the " -"user's last online login was granted access permission. If they were granted " -"access during their last login, they will continue to be granted access " -"while offline and vice-versa." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1512 sssd-ldap.5.xml:1562 -msgid "Default: Empty" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1518 -msgid "ldap_account_expire_policy (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1521 -msgid "" -"With this option a client side evaluation of access control attributes can " -"be enabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1525 -msgid "" -"Please note that it is always recommended to use server side access control, " -"i.e. the LDAP server should deny the bind request with a suitable error code " -"even if the password is correct." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 -msgid "The following values are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 -msgid "" -"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " -"determine if the account is expired." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1540 -msgid "" -"<emphasis>ad</emphasis>: use the value of the 32bit field " -"ldap_user_ad_user_account_control and allow access if the second bit is not " -"set. If the attribute is missing access is granted. Also the expiration time " -"of the account is checked." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 -msgid "" -"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" -"emphasis>: use the value of ldap_ns_account_lock to check if access is " -"allowed or not." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1553 -msgid "" -"<emphasis>nds</emphasis>: the values of " -"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " -"ldap_user_nds_login_expiration_time are used to check if access is allowed. " -"If both attributes are missing access is granted." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1568 -msgid "ldap_access_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 -msgid "Comma separated list of access control options. Allowed values are:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1575 -msgid "<emphasis>filter</emphasis>: use ldap_access_filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 -msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 -msgid "" -"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " -"to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1587 -msgid "<emphasis>host</emphasis>: use the host attribute to determine access" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1591 -msgid "Default: filter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 -msgid "" -"Please note that it is a configuration error if a value is used more than " -"once." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1601 -msgid "ldap_deref (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 -msgid "" -"Specifies how alias dereferencing is done when performing a search. The " -"following options are allowed:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1609 -msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1613 -msgid "" -"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " -"the base object, but not in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1618 -msgid "" -"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " -"the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 -msgid "" -"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " -"in locating the base object of the search." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1628 -msgid "" -"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " -"client libraries)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:51 -msgid "" -"All of the common configuration options that apply to SSSD domains also " -"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " -"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for full details. <placeholder type=" -"\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1639 -msgid "SUDO OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1644 -msgid "ldap_sudorule_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1647 -msgid "The object class of a sudo rule entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1650 -msgid "Default: sudoRole" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1656 -msgid "ldap_sudorule_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1659 -msgid "The LDAP attribute that corresponds to the sudo rule name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1669 -msgid "ldap_sudorule_command (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1672 -msgid "The LDAP attribute that corresponds to the command name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1676 -msgid "Default: sudoCommand" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1682 -msgid "ldap_sudorule_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1685 -msgid "" -"The LDAP attribute that corresponds to the host name (or host IP address, " -"host IP network, or host netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1690 -msgid "Default: sudoHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 -msgid "ldap_sudorule_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 -msgid "" -"The LDAP attribute that corresponds to the user name (or UID, group name or " -"user's netgroup)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1703 -msgid "Default: sudoUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1709 -msgid "ldap_sudorule_option (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1712 -msgid "The LDAP attribute that corresponds to the sudo options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1716 -msgid "Default: sudoOption" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1722 -msgid "ldap_sudorule_runasuser (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1725 -msgid "" -"The LDAP attribute that corresponds to the user name that commands may be " -"run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 -msgid "Default: sudoRunAsUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1735 -msgid "ldap_sudorule_runasgroup (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1738 -msgid "" -"The LDAP attribute that corresponds to the group name or group GID that " -"commands may be run as." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 -msgid "Default: sudoRunAsGroup" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1748 -msgid "ldap_sudorule_notbefore (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1751 -msgid "" -"The LDAP attribute that corresponds to the start date/time for when the sudo " -"rule is valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 -msgid "Default: sudoNotBefore" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1761 -msgid "ldap_sudorule_notafter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 -msgid "" -"The LDAP attribute that corresponds to the expiration date/time, after which " -"the sudo rule will no longer be valid." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1769 -msgid "Default: sudoNotAfter" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1775 -msgid "ldap_sudorule_order (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1778 -msgid "The LDAP attribute that corresponds to the ordering index of the rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1782 -msgid "Default: sudoOrder" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1788 -msgid "ldap_sudo_refresh_enabled (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1791 -msgid "" -"Enables periodical download of all sudo rules. The cache is purged before " -"each update." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 -msgid "ldap_sudo_refresh_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 -msgid "" -"How many seconds SSSD has to wait before refreshing its cache of sudo rules." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1642 -msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1815 -msgid "" -"This manual page only describes attribute name mapping. For detailed " -"explanation of sudo related attribute sematics, see <citerefentry> " -"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1825 -msgid "AUTOFS OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1827 -msgid "" -"Please note that the default values correspond to the default schema which " -"is RFC2307." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1834 -msgid "ldap_autofs_map_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1837 sssd-ldap.5.xml:1863 -msgid "The object class of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1840 sssd-ldap.5.xml:1867 -msgid "Default: automountMap" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1847 -msgid "ldap_autofs_map_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 -msgid "The name of an automount map entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 -msgid "Default: ou" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1860 -msgid "ldap_autofs_entry_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1874 -msgid "ldap_autofs_entry_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1877 sssd-ldap.5.xml:1891 -msgid "" -"The key of an automount entry in LDAP. The entry usually corresponds to a " -"mount point." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1888 -msgid "ldap_autofs_entry_value (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1895 -msgid "Default: automountInformation" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1832 -msgid "" -"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" -"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " -"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" -"\"variablelist\" id=\"4\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1904 -msgid "ADVANCED OPTIONS" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 -msgid "ldap_netgroup_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 -msgid "" -"An optional base DN to restrict netgroup searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1930 -msgid "ldap_user_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1933 -msgid "An optional base DN to restrict user searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 -msgid "ldap_group_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 -msgid "An optional base DN to restrict group searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1968 -msgid "ldap_user_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1971 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict user searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1975 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_user_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1985 -#, no-wrap -msgid "" -" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" -" " -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1988 -msgid "" -"This filter would restrict user searches to users that have their shell set " -"to /bin/tcsh." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1995 -msgid "ldap_group_search_filter (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1998 -msgid "" -"This option specifies an additional LDAP search filter criteria that " -"restrict group searches." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 -msgid "" -"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " -"by ldap_group_search_base." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2012 -msgid "ldap_sudo_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2015 -msgid "" -"An optional base DN to restrict sudo rules searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2034 -msgid "ldap_autofs_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 -msgid "" -"An optional base DN to restrict automounter searches to a specific subtree." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1906 -msgid "" -"These options are supported by LDAP domains, but they should be used with " -"caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2066 -msgid "" -"The following example assumes that SSSD is correctly configured and LDAP is " -"set to one of the domains in the <replaceable>[domains]</replaceable> " -"section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2072 -#, no-wrap -msgid "" -" [domain/LDAP]\n" -" id_provider = ldap\n" -" auth_provider = ldap\n" -" ldap_uri = ldap://ldap.mydomain.org\n" -" ldap_search_base = dc=mydomain,dc=org\n" -" ldap_tls_reqcert = demand\n" -" cache_credentials = true\n" -" enumerate = true\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2071 sssd-simple.5.xml:134 sssd-ipa.5.xml:552 -#: sssd-krb5.5.xml:441 -msgid "<placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2085 sssd_krb5_locator_plugin.8.xml:61 -msgid "NOTES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2087 -msgid "" -"The descriptions of some of the configuration options in this manual page " -"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " -"distribution." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2098 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <refentryinfo> -#: pam_sss.8.xml:8 include/upstream.xml:2 -msgid "" -"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" -"fedorahosted.org/sssd</orgname>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: pam_sss.8.xml:13 pam_sss.8.xml:18 -msgid "pam_sss" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: pam_sss.8.xml:19 -msgid "PAM module for SSSD" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: pam_sss.8.xml:24 -msgid "" -"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" -"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" -"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" -"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:45 -msgid "" -"<command>pam_sss.so</command> is the PAM interface to the System Security " -"Services daemon (SSSD). Errors and results are logged through <command>syslog" -"(3)</command> with the LOG_AUTHPRIV facility." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:55 -msgid "<option>quiet</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:58 -msgid "Suppress log messages for unknown users." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:63 -msgid "<option>forward_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:66 -msgid "" -"If <option>forward_pass</option> is set the entered password is put on the " -"stack for other PAM modules to use." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:73 -msgid "<option>use_first_pass</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:76 -msgid "" -"The argument use_first_pass forces the module to use a previous stacked " -"modules password and will never prompt the user - if no password is " -"available or the password is not appropriate, the user will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:84 -msgid "<option>use_authtok</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:87 -msgid "" -"When password changing enforce the module to set the new password to the one " -"provided by a previously stacked password module." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: pam_sss.8.xml:94 -msgid "<option>retry=N</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:97 -msgid "" -"If specified the user is asked another N times for a password if " -"authentication fails. Default is 0." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: pam_sss.8.xml:99 -msgid "" -"Please note that this option might not work as expected if the application " -"calling PAM handles the user dialog on its own. A typical example is " -"<command>sshd</command> with <option>PasswordAuthentication</option>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:110 -msgid "MODULE TYPES PROVIDED" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:111 -msgid "" -"All module types (<option>account</option>, <option>auth</option>, " -"<option>password</option> and <option>session</option>) are provided." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: pam_sss.8.xml:117 -msgid "FILES" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:118 -msgid "" -"If a password reset by root fails, because the corresponding SSSD provider " -"does not support password resets, an individual message can be displayed. " -"This message can e.g. contain instructions about how to reset a password." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:123 -msgid "" -"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" -"filename> where LOC stands for a locale string returned by <citerefentry> " -"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" -"citerefentry>. If there is no matching file the content of " -"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " -"the owner of the files and only root may have read and write permissions " -"while all other users must have only read permissions." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:133 -msgid "" -"These files are searched in the directory <filename>/etc/sssd/customize/" -"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " -"displayed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: pam_sss.8.xml:141 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 -msgid "sssd_krb5_locator_plugin" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:22 -msgid "" -"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 -msgid "" -"Not all Kerberos implementations support the use of plugins. If " -"<command>sssd_krb5_locator_plugin</command> is not available on your system " -"you have to edit /etc/krb5.conf to reflect your Kerberos setup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 -msgid "" -"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " -"debug messages will be sent to stderr." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:77 -msgid "" -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 -msgid "sssd-simple" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd-simple.5.xml:17 -msgid "the configuration file for SSSD's 'simple' access-control provider" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:24 -msgid "" -"This manual page describes the configuration of the simple access-control " -"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " -"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:38 -msgid "" -"The simple access provider grants or denies access based on an access or " -"deny list of user or group names. The following rules apply:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:43 -msgid "If all lists are empty, access is granted" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 -msgid "" -"If any list is provided, the order of evaluation is allow,deny. This means " -"that any matching deny rule will supersede any matched allow rule." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:54 -msgid "" -"If either or both \"allow\" lists are provided, all users are denied unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:60 -msgid "" -"If only \"deny\" lists are provided, all users are granted access unless " -"they appear in the list." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:78 -msgid "simple_allow_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:81 -msgid "Comma separated list of users who are allowed to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:88 -msgid "simple_deny_users (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:91 -msgid "Comma separated list of users who are explicitly denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:97 -msgid "simple_allow_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:100 -msgid "" -"Comma separated list of groups that are allowed to log in. This applies only " -"to groups within this SSSD domain. Local groups are not evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:108 -msgid "simple_deny_groups (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:111 -msgid "" -"Comma separated list of groups that are explicitly denied access. This " -"applies only to groups within this SSSD domain. Local groups are not " -"evaluated." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 -msgid "" -"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:120 -msgid "" -"Please note that it is an configuration error if both, simple_allow_users " -"and simple_deny_users, are defined." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the simple access provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" access_provider = simple\n" -" simple_allow_users = user1, user2\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:145 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 -msgid "sssd-ipa" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:23 -msgid "" -"This manual page describes the configuration of the IPA provider for " -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " -"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" -"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:36 -msgid "" -"The IPA provider is a back end used to connect to an IPA server. (Refer to " -"the freeipa.org web site for information about IPA servers.) This provider " -"requires that the machine be joined to the IPA domain; configuration is " -"almost entirely self-discovered and obtained directly from the server." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:43 -msgid "" -"The IPA provider accepts the same options used by the <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" -"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " -"provider with some exceptions described below." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:55 -msgid "" -"However, it is neither necessary nor recommended to set these options. IPA " -"provider can also be used as an access and chpass provider. As an access " -"provider it uses HBAC (host-based access control) rules. Please refer to " -"freeipa.org for more information about HBAC. No configuration of access " -"provider is required on the client side." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 -msgid "ipa_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 -msgid "" -"Specifies the name of the IPA domain. This is optional. If not provided, " -"the configuration domain name is used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 -msgid "" -"The comma-separated list of IP addresses or hostnames of the IPA servers to " -"which SSSD should connect in the order of preference. For more information " -"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " -"This is optional if autodiscovery is enabled. For more information on " -"service discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 -msgid "ipa_hostname (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 -msgid "" -"Optional. May be set on machines where the hostname(5) does not reflect the " -"fully qualified name used in the IPA domain to identify this host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 -msgid "ipa_dyndns_update (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 -msgid "" -"Optional. This option tells SSSD to automatically update the DNS server " -"built into FreeIPA v2 with the IP address of this client." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 -msgid "" -"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " -"the default Kerberos realm must be set properly in /etc/krb5.conf" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 -msgid "ipa_dyndns_iface (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 -msgid "" -"Optional. Applicable only when ipa_dyndns_update is true. Choose the " -"interface whose IP address should be used for dynamic DNS updates." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 -msgid "Default: Use the IP address of the IPA LDAP connection" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 -msgid "ipa_hbac_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 -msgid "Optional. Use the given string as search base for HBAC related objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 -msgid "Default: Use base DN" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 -msgid "ipa_host_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 -msgid "Optional. Use the given string as search base for host objects." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 -msgid "" -"If filter is given in any of search bases and " -"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " -"will be ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 -msgid "ipa_selinux_search_base (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 -msgid "Optional. Use the given string as search base for SELinux user maps." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 sssd-krb5.5.xml:229 -msgid "krb5_validate (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 sssd-krb5.5.xml:232 -msgid "" -"Verify with the help of krb5_keytab that the TGT obtained has not been " -"spoofed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:209 -msgid "" -"Note that this default differs from the traditional Kerberos provider back " -"end." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:219 -msgid "" -"The name of the Kerberos realm. This is optional and defaults to the value " -"of <quote>ipa_domain</quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:223 -msgid "" -"The name of the Kerberos realm has a special meaning in IPA - it is " -"converted into the base DN to use for performing LDAP operations." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:234 -msgid "" -"Specifies if the host and user principal should be canonicalized when " -"connecting to IPA LDAP and also for AS requests. This feature is available " -"with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 -msgid "ipa_hbac_refresh (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 -msgid "" -"The amount of time between lookups of the HBAC rules against the IPA server. " -"This will reduce the latency and load on the IPA server if there are many " -"access-control requests made in a short period." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 -msgid "Default: 5 (seconds)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:262 -msgid "ipa_hbac_treat_deny_as (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:265 -msgid "" -"This option specifies how to treat the deprecated DENY-type HBAC rules. As " -"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " -"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " -"client will support two modes of operation during this transition period:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:274 -msgid "" -"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " -"users will be denied access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 -msgid "" -"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " -"careful with this option, as it may result in opening unintended access." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:284 -msgid "Default: DENY_ALL" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:289 -msgid "ipa_hbac_support_srchost (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:292 -msgid "" -"If this is set to false, then srchost as given to SSSD by PAM will be " -"ignored." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 -msgid "" -"Note that if set to <emphasis>False</emphasis>, this option casuses filters " -"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:307 -msgid "ipa_automount_location (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:310 -msgid "The automounter location this IPA client will be using" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:313 -msgid "Default: The location named \"default\"" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:319 -msgid "ipa_netgroup_member_of (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 -msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:331 -msgid "ipa_netgroup_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 -msgid "" -"The LDAP attribute that lists system users and groups that are direct " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:339 sssd-ipa.5.xml:434 -msgid "Default: memberUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:344 -msgid "ipa_netgroup_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:347 -msgid "" -"The LDAP attribute that lists hosts and host groups that are direct members " -"of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 sssd-ipa.5.xml:446 -msgid "Default: memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:356 -msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:359 -msgid "" -"The LDAP attribute that lists FQDNs of hosts and host groups that are " -"members of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:363 -msgid "Default: externalHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:368 -msgid "ipa_netgroup_domain (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:371 -msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:375 -msgid "Default: nisDomainName" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:381 -msgid "ipa_host_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:407 -msgid "The object class of a host entry in LDAP." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:387 sssd-ipa.5.xml:410 -msgid "Default: ipaHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:392 -msgid "ipa_host_fqdn (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:395 -msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 -msgid "Default: fqdn" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:404 -msgid "ipa_selinux_usermap_object_class (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:415 -msgid "ipa_selinux_usermap_name (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:418 -msgid "The LDAP attribute that contains the name of SELinux usermap." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:427 -msgid "ipa_selinux_usermap_member_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:430 -msgid "" -"The LDAP attribute that contains all users / groups this rule match against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:439 -msgid "ipa_selinux_usermap_member_host (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:442 -msgid "" -"The LDAP attribute that contains all hosts / hostgroups this rule match " -"against." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:451 -msgid "ipa_selinux_usermap_see_also (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 -msgid "" -"The LDAP attribute that contains DN of HBAC rule which can be used for " -"matching instead of memberUser and memberHost" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:459 -msgid "Default: seeAlso" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:464 -msgid "ipa_selinux_usermap_selinux_user (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:467 -msgid "The LDAP attribute that contains SELinux user string itself." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 -msgid "Default: ipaSELinuxUser" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:476 -msgid "ipa_selinux_usermap_enabled (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:479 -msgid "" -"The LDAP attribute that contains whether or not is user map enabled for " -"usage." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:483 -msgid "Default: ipaEnabledFlag" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:488 -msgid "ipa_selinux_usermap_user_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:491 -msgid "The LDAP attribute that contains user category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:495 -msgid "Default: userCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:500 -msgid "ipa_selinux_usermap_host_category (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:503 -msgid "The LDAP attribute that contains host category such as 'all'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:507 -msgid "Default: hostCategory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 -msgid "ipa_selinux_usermap_uuid (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 -msgid "The LDAP attribute that contains unique ID of the user map." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:519 -msgid "Default: ipaUniqueID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:524 -msgid "ipa_host_ssh_public_key (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:527 -msgid "The LDAP attribute that contains the host's SSH public keys." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:531 -msgid "Default: ipaSshPubKey" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:546 -msgid "" -"The following example assumes that SSSD is correctly configured and example." -"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " -"This examples shows only the ipa provider-specific options." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:553 -#, no-wrap -msgid "" -" [domain/example.com]\n" -" id_provider = ipa\n" -" ipa_server = ipaserver.example.com\n" -" ipa_hostname = myhost.example.com\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:564 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sssd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 -msgid "" -"<command>sssd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 -msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:53 -msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:57 -msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:60 -msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:69 -msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:73 -msgid "" -"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:76 -msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:79 -msgid "Default: 0" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:85 -msgid "<option>-f</option>,<option>--debug-to-files</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:89 -msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:97 -msgid "<option>-D</option>,<option>--daemon</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:101 -msgid "Become a daemon after starting up." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 -msgid "<option>-i</option>,<option>--interactive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:111 -msgid "Run in the foreground, don't become a daemon." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:117 -msgid "<option>-c</option>,<option>--config</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:121 -msgid "" -"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." -"conf</filename>. For reference on the config file syntax and options, " -"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:135 -msgid "<option>--version</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:139 -msgid "Print version number and exit." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:147 -msgid "Signals" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:150 -msgid "SIGTERM/SIGINT" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:153 -msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:159 -msgid "SIGHUP" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:162 -msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:170 -msgid "SIGUSR1" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:173 -msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:179 -msgid "SIGUSR2" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:182 -msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:193 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 -msgid "sss_obfuscate" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_obfuscate.8.xml:16 -msgid "obfuscate a clear text password" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_obfuscate.8.xml:21 -msgid "" -"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" -"replaceable></arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:32 -msgid "" -"<command>sss_obfuscate</command> converts a given password into human-" -"unreadable format and places it into appropriate domain section of the SSSD " -"config file." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:37 -msgid "" -"The cleartext password is read from standard input or entered " -"interactively. The obfuscated password is put into " -"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " -"<quote>ldap_default_authtok_type</quote> parameter is set to " -"<quote>obfuscated_password</quote>. Refer to <citerefentry> " -"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> for more details on these parameters." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:49 -msgid "" -"Please note that obfuscating the password provides <emphasis>no real " -"security benefit</emphasis> as it is still possible for an attacker to " -"reverse-engineer the password back. Using better authentication mechanisms " -"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " -"advised." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:63 -msgid "<option>-s</option>,<option>--stdin</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:67 -msgid "The password to obfuscate will be read from standard input." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:74 -msgid "" -"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:79 -msgid "" -"The SSSD domain to use the password in. The default name is <quote>default</" -"quote>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_obfuscate.8.xml:86 -msgid "" -"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:91 -msgid "Read the config file specified by the positional parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_obfuscate.8.xml:95 -msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_obfuscate.8.xml:105 -msgid "" -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 -msgid "" -"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 -msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "" -"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 -msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 -msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" -"baseDirectory</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently <filename>/bin/bash</" -"filename>. The default can be changed with <quote>user_defaults/" -"defaultShell</quote> setting in sssd.conf." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "" -"Do not create the user's home directory. Overrides configuration settings." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 -msgid "" -"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" -"replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 -msgid "" -"This option is only valid if the <option>-m</option> (or <option>--create-" -"home</option>) option is specified, or creation of home directories is set " -"to TRUE in the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 -msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 -msgid "sssd-krb5" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:23 -msgid "" -"This manual page describes the configuration of the Kerberos 5 " -"authentication backend for <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " -"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " -"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:36 -msgid "" -"The Kerberos 5 authentication backend contains auth and chpass providers. It " -"must be paired with identity provider in order to function properly (for " -"example, id_provider = ldap). Some information required by the Kerberos 5 " -"authentication backend must be provided by the identity provider, such as " -"the user's Kerberos Principal Name (UPN). The configuration of the identity " -"provider should have an entry to specify the UPN. Please refer to the man " -"page for the applicable identity provider for details on how to configure " -"this." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:47 -msgid "" -"This backend also provides access control based on the .k5login file in the " -"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " -"Please note that an empty .k5login file will deny all access to this user. " -"To activate this feature use 'access_provider = krb5' in your sssd " -"configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:55 -msgid "" -"In the case where the UPN is not available in the identity backend " -"<command>sssd</command> will construct a UPN using the format " -"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:106 -msgid "" -"The name of the Kerberos realm. This option is required and must be " -"specified." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:116 -msgid "" -"If the change password service is not running on the KDC alternative servers " -"can be defined here. An optional port number (preceded by a colon) may be " -"appended to the addresses or hostnames." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:122 -msgid "" -"For more information on failover and server redundancy, see the " -"<quote>FAILOVER</quote> section. Please note that even if there are no more " -"kpasswd servers to try the back end is not switch to offline if " -"authentication against the KDC is still possible." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:129 -msgid "Default: Use the KDC" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:135 -msgid "krb5_ccachedir (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:138 -msgid "" -"Directory to store credential caches. All the substitution sequences of " -"krb5_ccname_template can be used here, too, except %d and %P. If the " -"directory does not exist it will be created. If %u, %U, %p or %h are used a " -"private directory belonging to the user is created. Otherwise a public " -"directory with restricted deletion flag (aka sticky bit, see <citerefentry> " -"<refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> </" -"citerefentry> for details) is created." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:151 -msgid "Default: /tmp" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:157 -msgid "krb5_ccname_template (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:171 -msgid "login UID" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 -msgid "%p" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 -msgid "principal name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:179 -msgid "%r" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:180 -msgid "realm name" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 -msgid "%h" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 -msgid "home directory" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:189 -msgid "value of krb5ccache_dir" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:194 -msgid "%P" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:195 -msgid "the process ID of the sssd client" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:160 -msgid "" -"Location of the user's credential cache. Currently only file based " -"credential caches are supported. In the template the following sequences are " -"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " -"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " -"way." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:209 -msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:215 -msgid "krb5_auth_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:218 -msgid "" -"Timeout in seconds after an online authentication or change password request " -"is aborted. If possible the authentication request is continued offline." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:241 -msgid "krb5_keytab (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:244 -msgid "" -"The location of the keytab to use when validating credentials obtained from " -"KDCs." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:248 -msgid "Default: /etc/krb5.keytab" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:254 -msgid "krb5_store_password_if_offline (boolean)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "" -"Store the password of the user if the provider is offline and use it to " -"request a TGT when the provider gets online again." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:262 -msgid "" -"Please note that this feature currently only available on a Linux platform. " -"Passwords stored in this way are kept in plaintext in the kernel keyring and " -"are potentially accessible by the root user (with difficulty)." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:275 -msgid "krb5_renewable_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:278 -msgid "" -"Request a renewable ticket with a total lifetime given by an integer " -"immediately followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 -msgid "<emphasis>s</emphasis> seconds" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 -msgid "<emphasis>m</emphasis> minutes" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 -msgid "<emphasis>h</emphasis> hours" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 -msgid "<emphasis>d</emphasis> days." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:331 -msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:299 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"renewable lifetime to one and a half hours please use '90m' instead of " -"'1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:305 -msgid "Default: not set, i.e. the TGT is not renewable" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:311 -msgid "krb5_lifetime (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:314 -msgid "" -"Request ticket with a with a lifetime given by an integer immediately " -"followed by one of the following delimiters:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:335 -msgid "" -"Please note that it is not possible to mix units. If you want to set the " -"lifetime to one and a half hours please use '90m' instead of '1h30m'." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:340 -msgid "" -"Default: not set, i.e. the default ticket lifetime configured on the KDC." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:347 -msgid "krb5_renew_interval (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:350 -msgid "" -"The time in seconds between two checks if the TGT should be renewed. TGTs " -"are renewed if about half of their lifetime is exceeded." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:355 -msgid "If this option is not set or 0 the automatic renewal is disabled." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:365 -msgid "krb5_use_fast (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:368 -msgid "" -"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" -"authentication. The following options are supported:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:373 -msgid "" -"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " -"option at all." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:377 -msgid "" -"<emphasis>try</emphasis> to use FAST, if the server does not support fast " -"continue without." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:381 -msgid "" -"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " -"fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:385 -msgid "Default: not set, i.e. FAST is not used." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:388 -msgid "Please note that a keytab is required to use fast." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:391 -msgid "" -"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " -"and above. If sssd used with an older version using this option is a " -"configuration error." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:400 -msgid "krb5_fast_principal (string)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:403 -msgid "Specifies the server principal to use for FAST." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:412 -msgid "" -"Specifies if the host and user principal should be canonicalized. This " -"feature is available with MIT Kerberos >= 1.7" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:65 -msgid "" -"If the auth-module krb5 is used in a SSSD domain, the following options must " -"be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " -"SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:434 -msgid "" -"The following example assumes that SSSD is correctly configured and FOO is " -"one of the domains in the <replaceable>[sssd]</replaceable> section. This " -"example shows only configuration of Kerberos authentication, it does not " -"include any identity provider." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:442 -#, no-wrap -msgid "" -" [domain/FOO]\n" -" auth_provider = krb5\n" -" krb5_server = 192.168.1.1\n" -" krb5_realm = EXAMPLE.COM\n" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:453 -msgid "" -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd-ldap</" -"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 -msgid "sss_groupadd" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupadd.8.xml:16 -msgid "create a new group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupadd.8.xml:21 -msgid "" -"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:32 -msgid "" -"<command>sss_groupadd</command> creates a new group. These groups are " -"compatible with POSIX groups, with the additional feature that they can " -"contain other groups as members." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 -msgid "" -"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupadd.8.xml:48 -msgid "" -"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " -"not given, it is chosen automatically." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupadd.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 -msgid "sss_userdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_userdel.8.xml:16 -msgid "delete a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_userdel.8.xml:21 -msgid "" -"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:32 -msgid "" -"<command>sss_userdel</command> deletes a user identified by login name " -"<replaceable>LOGIN</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:44 -msgid "<option>-r</option>,<option>--remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:48 -msgid "" -"Files in the user's home directory will be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:56 -msgid "<option>-R</option>,<option>--no-remove</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:60 -msgid "" -"Files in the user's home directory will NOT be removed along with the home " -"directory itself and the user's mail spool. Overrides the configuration." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:68 -msgid "<option>-f</option>,<option>--force</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:72 -msgid "" -"This option forces <command>sss_userdel</command> to remove the user's home " -"directory and mail spool, even if they are not owned by the specified user." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_userdel.8.xml:80 -msgid "<option>-k</option>,<option>--kick</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_userdel.8.xml:84 -msgid "Before actually deleting the user, terminate all his processes." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_userdel.8.xml:95 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 -msgid "sss_groupdel" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupdel.8.xml:16 -msgid "delete a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupdel.8.xml:21 -msgid "" -"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:32 -msgid "" -"<command>sss_groupdel</command> deletes a group identified by its name " -"<replaceable>GROUP</replaceable> from the system." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupdel.8.xml:48 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 -msgid "sss_groupshow" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_groupshow.8.xml:16 -msgid "print properties of a group" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_groupshow.8.xml:21 -msgid "" -"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:32 -msgid "" -"<command>sss_groupshow</command> displays information about a group " -"identified by its name <replaceable>GROUP</replaceable>. The information " -"includes the group ID number, members of the group and the parent group." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupshow.8.xml:43 -msgid "<option>-R</option>,<option>--recursive</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_groupshow.8.xml:47 -msgid "" -"Also print indirect group members in a tree-like hierarchy. Note that this " -"also affects printing parent groups - without <option>R</option>, only the " -"direct parent will be printed." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_groupshow.8.xml:60 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupmod</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>." -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refname> -#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 -msgid "sss_usermod" -msgstr "" - -#. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_usermod.8.xml:16 -msgid "modify a user account" -msgstr "" - -#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_usermod.8.xml:21 -msgid "" -"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" -"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" -"arg>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:32 -msgid "" -"<command>sss_usermod</command> modifies the account specified by " -"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " -"on the command line." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:60 -msgid "The home directory of the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:71 -msgid "The user's login shell." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:82 -msgid "" -"Append this user to groups specified by the <replaceable>GROUPS</" -"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " -"a comma separated list of group names." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:96 -msgid "" -"Remove this user from groups specified by the <replaceable>GROUPS</" -"replaceable> parameter." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:103 -msgid "<option>-l</option>,<option>--lock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:107 -msgid "Lock the user account. The user won't be able to log in." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_usermod.8.xml:114 -msgid "<option>-u</option>,<option>--unlock</option>" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:118 -msgid "Unlock the user account." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_usermod.8.xml:129 -msgid "The SELinux user for the user's login." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para> -#: sss_usermod.8.xml:140 -msgid "" -"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" -"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/service_discovery.xml:2 -msgid "SERVICE DISCOVERY" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/service_discovery.xml:4 -msgid "" -"The service discovery feature allows back ends to automatically find the " -"appropriate servers to connect to using a special DNS query." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:9 -msgid "Configuration" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:11 -msgid "" -"If no servers are specified, the back end automatically uses service " -"discovery to try to find a server. Optionally, the user may choose to use " -"both fixed server addresses and service discovery by inserting a special " -"keyword, <quote>_srv_</quote>, in the list of servers. The order of " -"preference is maintained. This feature is useful if, for example, the user " -"prefers to use service discovery whenever possible, and fall back to a " -"specific server when no servers can be discovered using DNS." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:23 -msgid "The domain name" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:25 -msgid "" -"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> manual page for more details." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:35 -msgid "The protocol" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:37 -msgid "" -"The queries usually specify _tcp as the protocol. Exceptions are documented " -"in respective option description." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/service_discovery.xml:42 -msgid "See Also" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/service_discovery.xml:44 -msgid "" -"For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" - -#. type: Content of: outside any tag (error?) -#: include/upstream.xml:1 -msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" - -#. type: Content of: <refsect1><title> -#: include/failover.xml:2 -msgid "FAILOVER" -msgstr "" - -#. type: Content of: <refsect1><para> -#: include/failover.xml:4 -msgid "" -"The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:8 -msgid "Failover Syntax" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:10 -msgid "" -"The list of servers is given as a comma-separated list; any number of spaces " -"is allowed around the comma. The servers are listed in order of preference. " -"The list can contain any number of servers." -msgstr "" - -#. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 -msgid "The Failover Mechanism" -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 -msgid "" -"The failover mechanism distinguishes between a machine and a service. The " -"back end first tries to resolve the hostname of a given machine; if this " -"resolution attempt fails, the machine is considered offline. No further " -"attempts are made to connect to this machine for any other service. If the " -"resolution attempt succeeds, the back end tries to connect to a service on " -"this machine. If the service connection attempt fails, then only this " -"particular service is considered offline and the back end automatically " -"switches over to the next service. The machine is still considered online " -"and might still be tried for another service." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 -msgid "" -"Further connection attempts are made to machines or services marked as " -"offline after a specified period of time; this is currently hard coded to 30 " -"seconds." -msgstr "" - -#. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 -msgid "" -"If there are no more machines to try, the back end as a whole switches to " -"offline mode, and then attempts to reconnect every 30 seconds." -msgstr "" - -#. type: Content of: <varlistentry><term> -#: include/param_help.xml:3 -msgid "<option>-h</option>,<option>--help</option>" -msgstr "" - -#. type: Content of: <varlistentry><listitem><para> -#: include/param_help.xml:7 -msgid "Display help message and exit." -msgstr "" -- cgit